anomy-list

Re: Just an idea for handling tnef

From: szucs (93049@xyz.molar.is)
Date: Thu 18 Sep 2003 - 10:24:46 GMT

  • Next message: Jesse Millan: "return path != from"

    It works!

    Here is the complete solution (Though it presently lacks some error
    handling):

     The procmail filter rule:
    :0fw B
    * name=.*winmail\.dat
    | /usr/bin/sed 's!winmail\.dat!!g' | /usr/bin/sed
    's!application\/ms\-tnef!application\/zip!g'

    The sanitizer file_list rule:
    file_list_5_scanner = 0:1:1:/usr/local/bin/tnef2zip %FILENAME
    file_list_5_policy = accept:save:save:save
    file_list_5 = (?i)(winmail\.zip)$

    The tnef2zip script:
    #!/usr/local/bin/bash
    # This might be improved a bit to ensure that the temporary directory name
    is always unique
    celmappa=/tmp/tn-`date +"%Y%m%d%H%M%S"`
    celfajl=`/bin/echo $1 | /usr/bin/sed 's!.*\/!!'`
    celalmappa=$celmappa/$celfajl.dir
    mkdir $celmappa
    mkdir $celmappa/$celfajl.dir
    # Call the tnef unix tool to extract the files from winmail.zip
    /bin/cat $1 | /usr/local/bin/tnef -C $celalmappa
    # Zip up the files into a temporary zip file
    /usr/local/bin/zip -jqr $celmappa/new.zip $celalmappa
    # Call clam av by an external wrapper script to virus scan the zip file
    if /usr/local/bin/scanarchives $celmappa/new.zip > /dev/null
    then
    /bin/cp $celmappa/new.zip $1
    /bin/rm -R $celmappa
    else
    exit 1
    fi

    The scanarchives script:
    #! /usr/local/bin/bash
    if unzip -l $1 | grep -s -i -E '\.(exe|com|vbs|vbe|chm|bat|pif|sys|scr)$' >
    /dev/null
    then
    exit 1 ;
    else
    if /usr/local/bin/clamscan --unzip=/usr/local/bin/unzip $1 > /dev/null
    then
    exit 0 ;
    else
    exit 1 ;
    fi
    fi

    And voila: the contents of the winmail.dat gets zipped into winmail.zip, and
    undergone virus scan, too.



    hosted by molar.is