[Mimedefang] blocked file types in text file
John Rudd
john at rudd.cc
Mon Sep 19 15:46:54 EDT 2005
Here's my code. It's based upon the 4 field file that mailscanner uses
(so that I wouldn't have to re-do all of our extensions). That file is
in the form:
allow|deny(tab)regex(tab)log-text(tab)user-text
(user-text is a user-friendly explanation for why this attachment is
blocked; log-text is a shorter (and thus log-friendly) version of the
same)
Here's my code:
@myfilenames = undef;
open (FILENAMERULES, "</etc/mail/filename.rules.conf");
while (defined ($line = <FILENAMERULES>)) {
chomp $line;
$line =~ s/\#.*//;
$line =~ s/^\s+//;
$line =~ s/\s+$//;
if ($line ne "") {
push(@myfilenames, $line);
}
}
close (FILENAMERULES);
# This procedure returns true for entities with bad filenames.
sub filter_bad_filename ($) {
my ($entity) = @_;
my ($bad_exts, $re, $perm, $regex, $logtxt, $usertxt);
foreach $re (@myfilenames) {
($perm, $regex, $logtxt, $usertxt) = split(/ +/, $re);
if (re_match($entity, $regex)) {
if ($perm eq "allow") {
return (0);
}
if ($perm eq "deny") {
return (1);
}
} # if re_match
} # foreach
return 0;
}
This is a simple one that doesn't actually use the user-text or
log-text. I also have a version I'm testing that instead of just
returning 1 or 0, returns (perm,logtxt,usertxt), so that the usertxt
can be incorporated into the response, and logtxt can be incorporated
into the logs.
I also tried to smash them together into 2 strings, like this:
$allowregex = '(\.gif$)|(\.jpg$)(and more expressions)';
$denyregex = '(\.exe$)|(\.com$)|(\.ma[dgf]$)(and more expressions)';
But I couldn't figure out a way to get perl to tell me _which_ part of
the regular expression was matched (you can get it to tell you which
part of the _target_ string was matched, like command.com matched
against ".com", if you use $&, which is REALLY slow ... but it wont
tell you that in the regex it matched (\.com$), so that you can use it
as an index into a hash that contains logtxt and usertxt ... so I would
still have to iterate through to find out what rule was tripped, so
that I can then return the appropriate logtxt and usertxt ... so in the
end, that wouldn't be any faster than what's above.
More information about the MIMEDefang
mailing list