rules help
Ugo Bellavance
ugob at CAMO-ROUTE.COM
Tue May 31 15:25:07 IST 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Matt Kehler wrote:
>
> Another question on the rules... I have MailScanner.conf pointing to
> filename.conf.rules ...as per below
>
> #filename.conf.rules
> FromOrTo: bob at domain.com <mailto:bob at domain.com>
> /etc/MailScanner/rules/filename.bob.rules
> FromOrTo: default
> /etc/MailScanner/rules/filename.default.rules
>
> #filename.bob.rules
> allow bob.exe - -
> #filename.default.rules
> ~ this has a boatload of denys in in...100 or so filenames..
>
> Anyways...with the above config, *ANY FILE* sent from bob at domain.com
> <mailto:bob at domain.com> is allowed through. Everything else works as it
> should (ie, no other users can send exe's or any other file listed as
> deny in filename.default.rules). I am assuming because the rules allow
> bob.exe to get through..but filename.default.rules does NOT get
> processed after that. Looking through the emails on the list regarding
> rules from last week, it would seem I need to change the
> filename.conf.rules so that it adds in the 2nd line as per below
>
> #filename.conf.rules
> FromOrTo: bob at domain.com <mailto:bob at domain.com>
> /etc/MailScanner/rules/filename.bob.rules
> FromOrTo: *@domain.com
> <mailto:*@domain.com> /etc/MailScanner/rules/filename.default.rules
> FromOrTo: default
> /etc/MailScanner/rules/filename.default.rules
>
> Is this correct? Does 'default' not really mean 'everything'? I take
> it 'default' is only triggered if NO other rules have been
> processed...as opposed to meaning 'default' will ALWAYS get processed?
>
Like firewall rules, first rule triggered stop the processing. The
default is only processed if no other rule is triggerred.
Ugo
> thx
> Matt
>
>
>
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/)
> and the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> *Support MailScanner development - buy the book off the website!*
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list