How can I create a message filter that moves email containing an attached .exe file to a specific folder for later review?
I am trying to create a message filter in T-bird 45.2.0 on a Mac Air running OS X 10.7.5. When I look at the available conditions (Subject, To, From, cc etc.) for filter configuration, I do not find one that says or seems to be a proxy for something like: If 'message has an attachment' 'larger than/contains ___' then 'move/delete/mark message' to '. . .'. Hence the question above, "How can I create a message filter that moves email containing an attached .exe file to a specific folder for later review?"
Thank you, gnealr
Wybrane rozwiązanie
I've checked this out and 'Attachment Status' is only available in the list if you select ' Filter After Junk Classification'.
Przeczytaj tę odpowiedź w całym kontekście 👍 0Wszystkie odpowiedzi (5)
This would create a filter to check if email has attachment greater than a given size and move to a specific folder, but there is no means of detecting whether the attachment is a .exe file.
In Message Filters select 'getting new mail' choose whether this should be before or after junk classification. select 'Match all of following' 'Attachment Status' and 'Is' and 'Has attachment' click on small + to create another line 'Size (kB)' and 'is greater than' and select the size in kB. perform these actions: 'Move message to' and choose the folder. clickon Ok enable the filter in the list by checking the checkbox.
@Toad-Hall- Thank you for the reply; however, I do not have as a first variable choice "Attachment Status" only "Status". There is a new version of T-bird that became available a few minutes ago (45.3.0) so I will try installing it and revisiting your suggestion. Thank you again. gnealr
The new version of T-bird did make the "Attachment Status" variable available. So, still at square one.
Wybrane rozwiązanie
I've checked this out and 'Attachment Status' is only available in the list if you select ' Filter After Junk Classification'.
Bingo. Now all they need to do is add a variable that addresses the attributes of the attachment and we will have a working solution to the malicious attachment problem. thx -gneal