rules help
Matt Kehler
mkehler at WRHA.MB.CA
Tue May 31 16:53:15 IST 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Mine too :). But it all works now, tested and verified. I was missing
adding the 2nd conf in the same line for bob at domain.com ..as per below
#filename.conf.rules
From: bob at domain.com /etc/MailScanner/bob.allow.conf
/etc/MailScanner/all.normal.conf
FromOrTo: default /etc/MailScanner/all.normal.conf
thanks everyone
Matt
>>> MailScanner at ECS.SOTON.AC.UK 5/31/2005 10:48:28 AM >>>
My head hurts...
On 31 May 2005, at 16:23, Ugo Bellavance wrote:
> Matt Kehler wrote:
>
>> That doesn't go with what was said last week I don't think.
>> Basically then, in filename.bob.rules, I have to have the ALLOW
>> for BOB.EXE, *AND* then I have to have ALL my other denys in there
>> that are already in filename.default.rules... ??? In which
>> case..if I have 10 users that need various exceptions..then that
>> means if I ever want to change my master default block list thats
>> in filename.default.rules..I have to edit all 10 user exception
>> rule files as well as the filename.default.rules??
>> This is getting pretty frustrating. All I want is to allow
>> bob at domain.com <mailto:bob at domain.com> to send one file, and then
>> have all of the default rules applied. You'd think that would be
>> a trivial issue to setup, without having to replicate the rules
>> all over the place. If it was really like a proper rule
>> processing setup as your typical firewall (I happen to work with
>> Checkpoint, but all are pretty much the same), then you'd be able
>> to configure it so that bob can send the bob.exe file...and if
>> bob.PIF comes in...it would be blocked by the default rules. If
>> you can't do that..then MailScanner is more like making exceptions
>> ONLY based on user...and that specific user has it entirely own/
>> separate ruleset. Thats not an exception; thats 2 rulesets.
>>
>
> I never said MailScanner could do exceptions. In fact, I said the
> opposite, in some post in this thread.
>
> I'm not a ruleset guru, but based on what Julian said in that post:
>
> <quoting Julian>
>
> To: user at domain.com filename.allowexe.conf
> To *@domain.com filename.normal.conf
> FromOrTo: default filename.rules.conf
>
> If a message arrives addressed to user at domain.com, the rules
> applied are
> all those in filename.allowexe.conf followed by filename.normal.conf.
>
> If a message arrives addressed to any-other-user at domain.com, the rules
> applied are all those in filename.normal.conf.
>
> Mail from or to anywhere else has the filename.rules.conf applied.
> </quoting>
>
> So if you would make, instead of *@domain.com, a line with total
> wildcards, you'd probably be able to get the result you want.
> However, make sure you'll never hit the default.
>
> Julian, could you confirm (theoratically) what I said here, so that
> I'm not misleading anyone?
>
> Ugo
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!
>
>
--
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/)
and the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list