I have the dubious honour of having MS Advanced Threat Protection turned on for my mail server. If you don't know already this takes attachments an opens them in a sand box to see if they do anything bad. This is a slow process so they came up with an annoying kludge where they deliver the email twice, once without the attachment and then later with the attachment. If you use ms-exhange the first email is sucked back and replaced by the second. If you don't then you either get one or both depending on how your email is set up (the ATP system handles non-exchange clients really badly). Why? who knows? but it is really annoying. Anyway the process is annoyingly inconsistent: -> Sometimes the first message comes with an ATP notification and no attachment - this I can catch in procmail trivially. -> Sometimes the first message contains no ATP notification and a 0 byte length attachment. -> There are other cases but these are relative infrequent Is there a simple way in procmail that I can use to trap the second case (0 byte length attachment(s))? I simply don't want the first (useless) message and want to divert these to a holding pen.
Is there a simple way in procmail that I can use to trap the second case (0 byte length attachment(s))? I simply don't want the first (useless) message and want to divert these to a holding pen.
I don't think procmail has ever been good at digging into attachments. An external program would be more reliable. reformime (part of maildrop, courier imap) is good with extracting attachments, or just displaying information on them. It's not difficult to run from procmail, but if you eg need to parse its output it's easier from procmail to put it into a short bash script. Other options may be mimencode/mmencode (part of metamail), or metamail. There must be others. Switch email provider?? Volker -- Volker Kuhlmann http://volker.top.geek.nz/ Please do not CC list postings to me.
For the record I have a working solution: I changed the fetchmail settings to leave a copy of the emails on the server. I used a procmail to filter emails containing the notification that ATP was being used. Once a year I intend to mass delete on the server by hand since I can't get fetchmail to do this for me. It's 99% effective - the 0 byte case is a rarity and I ignore it. The biggest problem now is that ATP occasionally decides to issue the ATP notification message in a foreign language (presumably detecting the language encoding of the sender and forgetting that it is the recipient that has to read the message).
Switch email provider??
Well... I would if I could but I can't. Sadly the people making the decisions are impressed with these theatrics and there's basically nothing you can do under these circumstances because they can't fix things without admitting it was silly in the first place. On Tuesday, 17 October 2023 01:08:08 BST Volker Kuhlmann wrote:
Is there a simple way in procmail that I can use to trap the second case (0 byte length attachment(s))? I simply don't want the first (useless) message and want to divert these to a holding pen.
I don't think procmail has ever been good at digging into attachments. An external program would be more reliable.
reformime (part of maildrop, courier imap) is good with extracting attachments, or just displaying information on them. It's not difficult to run from procmail, but if you eg need to parse its output it's easier from procmail to put it into a short bash script.
Other options may be mimencode/mmencode (part of metamail), or metamail. There must be others.
Switch email provider??
Volker
-- Volker Kuhlmann http://volker.top.geek.nz/ Please do not CC list postings to me. ____________________________________________________________ procmail mailing list -- procmail@lists.rwth-aachen.de Procmail homepage: http://www.procmail.org/ To unsubscribe send an email to procmail-leave@lists.rwth-aachen.de https://lists.rwth-aachen.de/postorius/lists/procmail.lists.rwth-aachen.de
participants (2)
-
superaorta@gmail.com -
Volker Kuhlmann