[Esd-l] Selective filtering

John D. Hardin jhardin at impsec.org
Fri Jul 25 06:07:58 PDT 2003 

On Fri, 25 Jul 2003, Mark Wendt wrote:

> 	Had a question posed to me recently, and haven't had much
> luck finding it in the docs.  Can we filter selectively on domains
> as to whether or not a certain file type passes or gets rejected
> by the ESD software?  I didn't think we could, but just wanted to
> make sure before I told the questioner no...

Sure. All of the capabilities of procmail are still present. You can
write a rule to detect a message from a particular domain and set the
configuration variables for that message however you like. 

Note that the sanitizer itself doesn't do this. It's just a
specialized procmail "filter rule". Whether or not, and how, it gets
applied to a message is under the control of the procmail rules you've
written.

In broad strokes:

   set default/global options

   :0
   * detect domain one
   {
      set domain one options
   }

   :0
   * detect domain two
   {
      set domain two options
   }

   :0
   * detect domain three
   {
      set domain three options
   }

   ...etc

   :0
   * check whether user has opted out, if not
   {
      run sanitizer
   }


'course, it does presume some familiarity with procmail syntax and
email headers. It's a powerful tool, and correspondingly complex.

Things you may want to set on a per-sender basis:

	mangle list
	poison/strip list
	webbug defanging (for embedded images)
	trusting HTML
	trusting Outlook Rich Text format messages
	quarantine file
	recipient notification

I'm sure there are others.

The sanitizer ships with and the configuration recommendations are for
a fairly high level of paranoia. It's up to you to tune it for your
own needs, and there are a lot of knobs you can twiddle to do this.

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org                        pgpk -a jhardin at impsec.org
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  The fetters imposed on liberty at home have ever been forged out
  of the weapons provided for defense against real, pretended, or
  imaginary dangers from abroad.
                                            -- James Madison, 1799
-----------------------------------------------------------------------
   467 days until the Presidential Election

More information about the esd-l mailing list