aboutsummaryrefslogtreecommitdiff
path: root/mail/lib/validateattachment
blob: d21044f3536a321394810c6102f4b4e1b93340c6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#!/usr/local/plan9/bin/rc
rfork n

. 9.rc

# exit status matching:
#
#	$discard - is really bad, refuse the message 
#	$accept - is really good, leave attachment alone
#	anything else - rewrite attachment to have .suspect extension
# 

# magic exit statuses known to vf
accept=10
discard=13

wrap=123	# anything but 10, 13

if(! ~ $#* 1){
	echo usage: validateattachment mboxfile >[1=2]
	exit usage
}

# some idiot virus is sending around attachments marked as .zip
# that are completely bogus and just say %TS_ZIP_ATTACH%
# as the base64 encoding of the zip file.  gmail rejects all zip
# attachments when we forward them, so nip this one here.
if(grep -s '^%TS_ZIP_ATTACH%$' $1 && ~ `{wc -l <$1} 1 2 3 4 5 6 7 8 9 10){
	echo bogus zip file!
	exit $discard
}

upas/unvf < $1 >$1.unvf
file=$1.unvf
fn sigexit { rm $file }

fn save {
#	d=`{date -n}
#	cp $file /n/other/upas/tmp/$d.$1
#	cp raw /n/other/upas/tmp/$d.$1.raw
#	whatis x >/n/other/upas/tmp/$d.$1.file
}

x=`{file <$file | sed s/stdin://}
x=$"x
switch($x){
case *Ascii* *text* *'c program'* *'rc executable'* 
	save accept
	exit $accept

case *'zip archive'*
	
	# >[2=1] because sometimes we get zip files we can't parse
	# but the errors look like
	# unzip: reading data for philw.doc.scr failed: ...
	# so we can still catch these.
	if(unzip -tsf $file >[2=1] | grep -si '      |\.(scr|exe|pif|bat|com)$'){
		echo executables inside zip file!
		exit $discard
	}

case jpeg 'PNG image' bmp 'GIF image' *'plan 9 image'
	save accept
	exit $accept

case *Microsoft* *Office*
	save wrap
	exit $wrap

case *MSDOS*
	# no executables
	echo $x
	exit $discard
}

save wrap
exit $wrap