Development info?
Hugo van der Kooij
hvdkooij at vanderkooij.org
Sun Aug 24 13:14:20 IST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
The only bit I found on writing custom functions is
http://blog.fupps.com/2007/03/29/mailscanner-custom-functions-a-small-tutorial/
And the few bits in the MailScanner/CustomFunctions directory.
My aim is to write a custom function to detect links to executables and
such and mark then with some points. Then take it one level up and
pickup the samples for further analyses before they are taken offline again.
The first bit can be done with just few lines in SA just as well. It is
the second part that will help me get malware samples as soon as
possible that can not be done in SA.
Is there any addititional information about writing MailScanner custom
functions? The return() part is a bit unclear to me. Because I think it
may vary on how you call upon the custom function.
Hugo.
- --
hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc
A: Yes.
>Q: Are you sure?
>>A: Because it reverses the logical flow of conversation.
>>>Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFIsVCZBvzDRVjxmYERAqB2AJ4uQJn24/+WK1eXJetnEGAJc8saggCeIemO
v+cfFSrkVQQTbcZdgOwlYDE=
=z2j/
-----END PGP SIGNATURE-----
More information about the MailScanner
mailing list