[OT] Strip attachment and add link for download

Tue Jun 20 17:24:54 IST 2006

--[UxBoD]-- wrote:
> Hmmm, thats pretty cool Greg. Now, how about if the URL was http://example.com/pickup.php?$datenumber/$id/$filename and the script validated the To:
> address from the message file.  At least then there would be some kind of validation.
> 
> Alternatively, if a ruleset could be created to execute a script when say the Max Size has been exceeded, you could inject a validation code into the
> email that the recipient would need to use to access the download.

Another idea.. Add some attachment handling and conversion functions to 
your web site. Add buttons for [delete] [zip] [send link]. That could 
potentially save a lot of bandwidth. I suppose it could also encourage 
people to send larger files via email, depending on your users habits. :-\

Ken
Pacific.Net

> Just some thoughts.
> 
> Phil
> 
> On Tue, 20 Jun 2006 11:30:20 -0400
> Greg Borders <gborders at jlewiscooper.com> wrote:
> 
>> Glenn Steen wrote:
>>> On 20/06/06, Alex Pimperton <alex at erus.co.uk> wrote:
>>>> Hi All,
>>>>
>>>> This may be a shot in the dark but does anybody use/know of a system
>>>> that does the following:
>>>>
>>>> -message arrives at server from local users
>>>> -message is checked for attachments
>>>> -if attachments exist and are over a certain size, the server splits off
>>>> the attachments to a web-accessible directory and inserts a link in the
>>>> email so the recipient can download the attachment
>>>>
>>>> I know this is not really MailScanners domain but it would be a very
>>>> useful feature.
>>>>
>>>> Is this more of a mailwatch-type feature?
>>>>
>>>> I'm currently using postfix and MailScanner which I don't really want to
>>>> change even though know I can do things like this with MDaemon.
>>>>
>>>> Regards,
>>>>
>>>> Alex
>>>>
>>> I haven't tried this, but ... You should be able to make a probable
>>> facsimile with a combination of quarantining/notification and
>>> MailWatch with per user (email address) access. Look at the "Maximum
>>> Attachment Size" setting in MailScanner.conf, might be what you need.
>>>
>> I've gotten this working on my system.  I do indeed use the "Maximum
>> Attachment Size" setting that Glenn mentions.
>> In my case I wanted to prevent users from sending very large files via 
>> e-mail, and use means better suited for the task. (I.E. FTP)
>> I used that Max Attach Size in a ruleset to trigger the settings for 
>> specific users/groups.
>>
>> Then once triggered, MS will send the message to the recipient that the 
>> file was "too large"  using the text in
>> stored.virus.message.txt
>>
>> I modified the default message to include some extra info for a direct 
>> link to the file, for example:
>> -----------------------
>> Note to Postmaster:
>> Attachment is located on $hostname in $quarantinedir/$datenumber 
>> (message $id).
>> URL: for direct download:
>> "http://example.com/pickup/$datenumber/$id/$filename"
>> ------------------------
>>
>> Next, I modified my Apache HTTP server config file to host the directory 
>> in the quarantine as the "http://example.com/pickup/"
>> That way, you won't be showing your file structure to the realworld:
>>
>> -------------------------
>> Alias /pickup/ "/var/spool/MailScanner/quarantine/"
>> <Directory "/var/spool/MailScanner/quarantine/">
>>     Options Indexes MultiViews
>>     AllowOverride None
>>     Order allow,deny
>>     Allow from all
>> </Directory>
>> --------------------------
>>
>> The only down side is you have to open up permissions to the quarantine 
>> folders, and thus making ALL of the messages available to those that 
>> know how to peruse the folders.  Fortunately, the message id is quite 
>> long and random, and makes it harder to dig around unless you know 
>> exactly what it is.
>>
>> Hope this helps with your set up!
>>
>> Greg. Borders
>>
>> Sys. Admin.
>> JLC Co.
>>
>> --
>> This transmission may contain information that is privileged, confidential
>> and/or exempt from disclosure under applicable law. If you are not the
>> intended recipient, you are hereby notified that any disclosure, copying,
>> distribution, or use of the information contained herein (including any
>> reliance thereon) is STRICTLY PROHIBITED. If you received this transmission
>> in error, please immediately contact the sender and destroy the material in
>> its entirety, whether in electronic or hard copy format. Thank you.
>>
> 