Joshua Megerman wrote:
>
> I could have sworn this has been asked before, but I can't find it anywhere,
> so...
>
> I would like to block attachments with double extensions that are used to
> hide viruses - specifically things like .txt.vbs and so forth. I know jus
> tblocking all .vbs files will take care of that, but a more generic set
> would be .???.{exe,com,vbs,pif,scr,lnk,(others)}. Is there any way to do
> this? if I put .vbs in quarantine-attachments.txt it works fine, but if I
> put .txt.vbs in it fails. Wildcards and regexps don't work either...
>
> Any suggestions, or is this a "wait for v2" feature...
if I'm not mistaken, v1.12 already takes care of those cases:
# Grab extension for wildcard matches
if ($file=~/(^.*)(\.[^\.]+)$/) {
$extension=tolower($2);
} else {
$extension="";
}
the regexp is a (greedy) match on everything followed by a "." followed by
whatever is NOT a "." to end
so foo.txt.vbs would end up with .vbs
foo.exe.pif would end up with .pif
-------------------------------------------------------
This sf.net email is sponsored by: Jabber - The world's fastest growing
real-time communications platform! Don't just IM. Build it in!
http://www.jabber.com/osdn/xim
_______________________________________________
Qmail-scanner-general mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
