It works!
Here is the complete solution (Though it presently lacks some error
handling):
The procmail filter rule:
:0fw B
* name=.*winmail\.dat
| /usr/bin/sed 's!winmail\.dat!!g' | /usr/bin/sed
's!application\/ms\-tnef!application\/zip!g'
The sanitizer file_list rule:
file_list_5_scanner = 0:1:1:/usr/local/bin/tnef2zip %FILENAME
file_list_5_policy = accept:save:save:save
file_list_5 = (?i)(winmail\.zip)$
The tnef2zip script:
#!/usr/local/bin/bash
# This might be improved a bit to ensure that the temporary directory name
is always unique
celmappa=/tmp/tn-`date +"%Y%m%d%H%M%S"`
celfajl=`/bin/echo $1 | /usr/bin/sed 's!.*\/!!'`
celalmappa=$celmappa/$celfajl.dir
mkdir $celmappa
mkdir $celmappa/$celfajl.dir
# Call the tnef unix tool to extract the files from winmail.zip
/bin/cat $1 | /usr/local/bin/tnef -C $celalmappa
# Zip up the files into a temporary zip file
/usr/local/bin/zip -jqr $celmappa/new.zip $celalmappa
# Call clam av by an external wrapper script to virus scan the zip file
if /usr/local/bin/scanarchives $celmappa/new.zip > /dev/null
then
/bin/cp $celmappa/new.zip $1
/bin/rm -R $celmappa
else
exit 1
fi
The scanarchives script:
#! /usr/local/bin/bash
if unzip -l $1 | grep -s -i -E '\.(exe|com|vbs|vbe|chm|bat|pif|sys|scr)$' >
/dev/null
then
exit 1 ;
else
if /usr/local/bin/clamscan --unzip=/usr/local/bin/unzip $1 > /dev/null
then
exit 0 ;
else
exit 1 ;
fi
fi
And voila: the contents of the winmail.dat gets zipped into winmail.zip, and
undergone virus scan, too.