On 2004-05-25, 10:54:30 (-0700), David Fetrow wrote:
> THANKYOU VERY MUCH FOR ANOMY!
You're very welcome! :)
> This is a request for a feature we think
> would be useful, hopefully to you and others as well.
> We would like to institute a self-retrieve website
> so we needn't unquarantine every legit attachment (all .1%
> of them).
> One way that would be MUCH easier/secureable is if we had a way
> to attach the login name to the filename as saved (note:
> we save ours in around 60 subdirectories by first character
> of original attachment; makes things more manageable).
> e.g. att-$A-$F-$T.$$
> where $A is the address (or username) it was sent to.
> If we could save as the username, even better.
OK, this should be easy enough - the main question would be how to
pass the login name to the Sanitizer. Currently the only information
the Sanitizer has comes from the message headers, and as you probably
know from personal experience, thanks to "bcc" and mailing lists and
such things, the user's login name may actually not occur anywhere
in the message headers.
If you're running from within a procmail environment, then it's easy
enough to set an environment variable containing the recipient's
login name - but if you can set an environment variable, you can
just as easily customize the sanitizer's config instead. An example
of this is actually implemented in the procmail ruleset I
distributed the other day, which is at:
If you take a look at that code, then you can see that the procmail
recipie defines a TMPDIR which is based on the recipient's login name:
This is then used to define a custom file_name_tpl when the sanitizer
"file_name_tpl = $TMPDIR/eml-$DATE-$$"'-$$$-$F' \
'feat_log_stderr = 1' \
If you aren't running from within procmail, you could almost
certainly implement a similar strategy using a simple shell-script
wrapper around the sanitizer.
Does this help solve your problem?
-- Bjarni Rúnar Einarsson email@example.com http://bre.klaki.net/
PGP: 02764305, B7A3AB89