[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Adrian Midgley wrote: | | What I'd like to do is to (understand what is required to) separate | attachments from emails passing through a Linux machine (Debian, Postfix | probably) saving the attachments into a specific directory or tree of | directories, and preferably adding a line to the body of the email | saying | | "your attachment random.gif is in | /var/mail/quarantine/suspicious/unsorted/packages/awaiting/collection/random.gif | This is for system security". | | Or words to that effect. | | Is it hard?
I doubt it - all you need is something that understand MIME (Perl modules exist to do that?), a way to generate unique filenames YYYYMMDDHHMMSS (is pretty close, add a count if they are duplicated, an extension type for the challenged browser), and just write a filter on email delivery (ala /etc/procmailrc).
You might want to put it in the users own space somewhere, and password
protect the web access using Apache auth which is easily integrated with
/etc/{passwd|shadow}.You might also want a delete... then again you might not.
All of which is a lot of trouble when you probably ought to spend the effort sorting decent email client settings.
There are of course pathological cases surrounding signing and encryption, so you may lose as much or more security information than you gain, and some bad stuff may make it through as weird attachment types you haven't catered for (uuencode, binhex, and other dross could still be used, who knows which email clients support these archaic forms?).
I thought the main problem with Microsoft email clients these days is figuring out how to open legitimate attachments of types Microsoft have deemed you shouldn't have ;) -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCdmpqGFXfHI9FVgYRAqemAJ9mj5ybrvoDIPO82o/8Ks9mM/gnlQCePn83 BkuPzrt6/dBVDeGZJnTUcTY= =5W7G -----END PGP SIGNATURE-----
-- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html