X-Git-Url: https://git.exim.org/exim-website.git/blobdiff_plain/43f0ac72cd61fc33efee72a38543984bd8dea4d1..2d20f848725a0adc1e949802d9a0a9312e480c4b:/system_filter.exim

diff --git a/system_filter.exim b/system_filter.exim
deleted file mode 100644
index 8dc8bb1..0000000
--- a/system_filter.exim
+++ /dev/null
@@ -1,187 +0,0 @@
-# Exim filter
-## Version: 0.10
-#	$Id$
-
-## If you haven't worked with exim filters before, read
-## the install notes at the end of this file.
-
-#
-# Only run any of this stuff on the first pass through the
-# filter - this is an optomisation for messages that get
-# queued and have several delivery attempts
-#
-# we express this in reverse so we can just bail out
-# on inappropriate messages
-#
-if not first_delivery
-then
-  finish
-endif
-
-# Check for MS buffer overruns as per latest BUGTRAQ.
-# http://www.securityfocus.com/frames/?content=/templates/article.html%3Fid%3D61
-# This could happen in error messages, hence its placing
-# here...
-# We substract the first n characters of the date header
-# and test if its the same as the date header... which
-# is a lousy way of checking if the date is longer than
-# n chars long
-if ${length_80:$header_date:} is not $header_date:
-then
-  fail text "This message has been rejected because it has\n\
-	     \tan overlength date field which can be used\n\
-	     \tto subvert Microsoft mail programs\n\
-             \tThe following URL has further information\n\
-	     \thttp://www.securityfocus.com/frames/?content=/templates/article.html%3Fid%3D61"
-  seen finish
-endif
-
-# This is a nasty compromise.
-# This crud is now being sent with a <> envelope sender, but
-# blocking all error messages that pattern match prevents
-# bounces getting back.... so we fudge it somewhat
-if $header_from: contains "@sexyfun.net"
-then
-  fail text "This message has been rejected since it has\n\
-		\tthe signature of a known virus in the header."
-  seen finish
-endif
-if error_message and $header_from: contains "Mailer-Daemon@"
-then
-  # looks like a real error message - just ignore it
-  finish
-endif
-
-# Look for single part MIME messages with suspicious name extensions
-# Check Content-Type header [vb2_regexp]
-if $header_content-type: matches "(?:file)?name=(\"[^\"]+\\\\.(?:vb[se]|ws[fh]|jse?|exe|com|cmd|shs|bat|scr|pif)\"|[\\\\w.-]+\\\\.(?:vb[se]|ws[fh]|jse?|exe|com|cmd|shs|bat|scr|pif))"
-then
-  fail text "This message has been rejected because it has\n\
-	     \ta potentially executable attachment $1\n\
-	     \tThis form of attachment has been used by\n\
-             \trecent viruses or other malware.\n\
-	     \tIf you meant to send this file then please\n\
-	     \tpackage it up as a zip file and resend it."
-  seen finish
-endif
-
-# Attempt to catch embedded VBS attachments
-# in emails.   These were used as the basis for 
-# the ILOVEYOU virus and its variants
-# [vb_regexp]
-if $message_body matches "(?:Content-(?:Type:(?>\\\\s*)[\\\\w-]+/[\\\\w-]+|Disposition:(?>\\\\s*)attachment);(?>\\\\s*)(?:file)?name=|begin(?>\\\\s+)[0-7]{3,4}(?>\\\\s+))(\"[^\"]+\\\\.(?:vb[se]|ws[fh]|jse?|exe|com|cmd|shs|bat|scr|pif)\"|[\\\\w.-]+\\\\.(?:vb[se]|ws[fh]|jse?|exe|com|cmd|shs|bat|scr|pif))[\\\\s;]"
-then
-  fail text "This message has been rejected because it has\n\
-	     \ta potentially executable attachment $1\n\
-	     \tThis form of attachment has been used by\n\
-             \trecent viruses or other malware.\n\
-	     \tIf you meant to send this file then please\n\
-	     \tpackage it up as a zip file and resend it."
-  seen finish
-endif
-
-#### Version history
-#
-# 0.01 5 May 2000
-#	Initial release
-# 0.02 8 May 2000
-#	Widened list of content-types accepted, added WSF extension
-# 0.03 8 May 2000
-#	Embedded the install notes in for those that don't do manuals
-# 0.04 9 May 2000
-#	Check global content-type header.  Efficiency mods to REs
-# 0.05 9 May 2000
-#	More minor efficiency mods, doc changes
-# 0.06 20 June 2000
-#	Added extension handling - thx to Douglas Gray Stephens & Jeff Carnahan
-# 0.07 19 July 2000
-#	Latest MS Outhouse bug catching
-# 0.08 19 July 2000
-#	Changed trigger length to 80 chars, fixed some spelling
-# 0.09 29 September 2000
-#	More extensions... its getting so we should just allow 2 or 3 through
-# 0.10 18 January 2001
-#	Removed exclusion for error messages - this is a little nasty
-#	since it has other side effects, hence we do still exclude
-#	on unix like error messages
-# 0.11 20 March, 2001
-#	Added CMD extension, tidied docs slightly, added RCS tag
-#
-#### Install Notes
-#
-# Exim filters run the exim filter language - a very primitive
-# scripting language - in place of a user .forward file, or on
-# a per system basis (on all messages passing through).
-# The filtering capability is documented in the main set of manuals
-# a copy of which can be found on the exim web site
-#	http://www.exim.org/
-#
-# To install, copy the filter file (with appropriate permissions)
-# to /etc/exim/system_filter.exim and add to your exim config file
-# [location is installation depedant - typicaly /etc/exim/config ]
-# at the top the line:-
-#	message_filter = /etc/exim/system_filter.exim
-#	message_body_visible = 5000
-#
-# You may also want to set the message_filter_user & message_filter_group
-# options, but they default to the standard exim user and so can
-# be left untouched.  The other message_filter_* options are only
-# needed if you modify this to do other functions such as deliveries.
-# The main exim documentation is quite thorough and so I see no need
-# to expand it here...
-#
-# Any message that matches the filter will then be bounced.
-# If you wish you can change the error message by editing it
-# in the section above - however be careful you don't break it.
-#
-# After install exim should be restarted - a kill -HUP to the
-# daemon will do this.
-#
-#### LIMITATIONS
-#
-# This filter tries to parse MIME with a regexp... that doesn't
-# work too well.  It will also only see the amount of the body
-# specified in message_body_visible
-#
-#### BASIS
-#
-# The regexp that is used to pickup MIME/uuencoded parts is replicated
-# below (in perl format).  You need to remember that exim converts
-# newlines to spaces in the message_body variable.
-#
-#  (?:Content-					# start of content header
-#  (?:Type: (?>\s*)				# rest of c/t header
-#    [\w-]+/[\w-]+				# content-type (any)
-#    |Disposition: (?>\s*)			# content-disposition hdr
-#    attachment)					# content-disposition
-#  ;(?>\s*)					# ; space or newline
-#  (?:file)?name=				# filename=/name= 
-#  |begin (?>\s+) [0-7]{3,4} (?>\s+)) 		# begin octal-mode
-#  (\"[^\"]+\.					# quoted filename.
-#	(?:vb[se]				# list of extns
-#	|ws[fh]
-#	|jse?
-#	|exe
-#	|com
-#	|cmd
-#	|shs
-#	|bat
-#	|scr
-#	|pif)
-#	\"					# end quote
-#  |[\w.-]+\.					# unquoted filename.ext
-#	(?:vb[se]				# list of extns
-#	|ws[fh]
-#	|jse?
-#	|exe
-#	|com
-#	|cmd
-#	|shs
-#	|bat
-#	|scr
-#	|pif)
-#  )						# end of filename capture
-#  [\s;]					# trailing ;/space/newline
-#
-#
-### [End]