#!/usr/local/plan9/bin/rc rfork n . 9.rc # exit status matching: # # $discard - is really bad, refuse the message # $accept - is really good, leave attachment alone # anything else - rewrite attachment to have .suspect extension # # magic exit statuses known to vf accept=10 discard=13 wrap=123 # anything but 10, 13 if(! ~ $#* 1){ echo usage: validateattachment mboxfile >[1=2] exit usage } # some idiot virus is sending around attachments marked as .zip # that are completely bogus and just say %TS_ZIP_ATTACH% # as the base64 encoding of the zip file. gmail rejects all zip # attachments when we forward them, so nip this one here. if(grep -s '^%TS_ZIP_ATTACH%$' $1 && ~ `{wc -l <$1} 1 2 3 4 5 6 7 8 9 10){ echo bogus zip file! exit $discard } upas/unvf < $1 >$1.unvf file=$1.unvf fn sigexit { rm $file } fn save { # d=`{date -n} # cp $file /n/other/upas/tmp/$d.$1 # cp raw /n/other/upas/tmp/$d.$1.raw # whatis x >/n/other/upas/tmp/$d.$1.file } x=`{file <$file | sed s/stdin://} x=$"x switch($x){ case *Ascii* *text* *'c program'* *'rc executable'* save accept exit $accept case *'zip archive'* # >[2=1] because sometimes we get zip files we can't parse # but the errors look like # unzip: reading data for philw.doc.scr failed: ... # so we can still catch these. if(! unzip -tsf $file >[2=1] >/dev/null){ echo corrupt zip file! exit $discard } if(unzip -tsf $file >[2=1] | grep -si ' |\.(scr|exe|pif|bat|com)$'){ echo executables inside zip file! exit $discard } case jpeg 'PNG image' bmp 'GIF image' *'plan 9 image' save accept exit $accept case *Microsoft* *Office* save wrap exit $wrap case *MSDOS* # no executables echo $x exit $discard } save wrap exit $wrap