1#!/bin/rc 2rfork n 3 4# exit status matching: 5# 6# *discard* - is really bad, refuse the message 7# *accept* - is really good, leave attachment alone 8# * - rewrite attachment to have .suspect extension 9# 10 11if(! ~ $#* 1){ 12 echo usage: validateattachment mboxfile >[1=2] 13 exit usage 14} 15 16echo validating >[1=2] 179fs other 18fn save { 19 d=`{date -n} 20 cp body /n/other/upas/tmp/$d.$1 21 cp raw /n/other/upas/tmp/$d.$1.raw 22 whatis x >/n/other/upas/tmp/$d.$1.file 23} 24 25upas/fs -f $1 26cd /mail/fs/mbox/1 27 28x=`{file body | sed s/body://} 29x=$"x 30switch($x){ 31case *Ascii* *text* *'c program'* *'rc executable'* 32 save accept 33 exit accept 34 35case *'zip archive'* 36 # >[2=1] because sometimes we get zip files we can't parse 37 # but the errors look like 38 # unzip: reading data for philw.doc.scr failed: ... 39 # so we can still catch these. 40 if(unzip -tsf body >[2=1] | grep -si ' |\.(scr|exe|pif|bat|com)$'){ 41 echo executables inside zip file! 42 exit discard 43 } 44 45case jpeg 'PNG image' bmp 'GIF image' *'plan 9 image' 46 save accept 47 exit accept 48 49case *Microsoft* *Office* 50 save wrap 51 exit wrap 52 53case *MSDOS* 54 # no executables 55 echo $x 56 exit discard 57} 58 59save wrap 60exit wrap 61 62 63