File Attachment Rules

[Colin Jack]

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info 
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf 
> Of Jim Holland
> Sent: 24 August 2006 15:38
> To: MailScanner discussion
> Subject: RE: File Attachment Rules
> 
> On Thu, 24 Aug 2006, Colin Jack wrote:
> 
> > Putting it in the MailScanner.conf direct seems to work ... except 
> > that I now have a heckova long line.
> > 
> > Would be tidier if I could get a ruleset working .. how 
> does everybody 
> > else do it?
> > 
> > Thanks
> > 
> > Colin
> 
> Remember that there are now two separate mechanisms for 
> managing file names and file types:
> 
> (a) Default configuration files:
> 
> Filename Rules = %etc-dir%/filename.rules.conf Filetype Rules 
> = %etc-dir%/filetype.rules.conf
> 
> These are not normal rulesets, so are in the Configuration 
> directory not the Rules directory.  They set the basic 
> system-wide policy for acceptance and rejection, and the 
> error notices that are issued when files are blocked.
> 
> (b) The allow and deny rules which can be rulesets, and which 
> override the above configuration files if a match is found:
> 
> Allow Filenames =
> Deny Filenames =
> 
> I would start by editing the filename.rules.conf and 
> filetype.rules.conf files if you want to change the overall 
> defaults and then set up the ruleset files:
> 
> Allow Filenames = %rules-dir%/filename_allow.rules Deny 
> Filenames = %rules-dir%/filename_deny.rules
> 
> So then instead of putting all the filenames in a line in 
> MailScanner.conf, you can put them in the above two rulesets, 
> and also customise them for individual users, eg:
> 
> filename_allow.rules:
> 
> 	To:		*@*		\.pdf$ \.zip$ \.jpg$ 
> \.eps$ \.ico$ \.ai$ \.qxd$ \.tif$
> 	FromOrTo:	root at domain	\.exe$ \.com$
> 
> 	# Default (whitelist nothing)
> 	FromOrTo:	default
> 
> and if the lines are too long I guess you could split them, 
> although I haven't tested this, eg:
> 
> 	To:		*@*		\.pdf$ \.zip$ \.jpg$ \.eps$
> 	To:		*@*		\.ico$ \.ai$  \.qxd$ \.tif$
> 	
> and for filename_deny.rules:
> 
> 	To:     user1 at mango.zw		\.gif$ \.jpg$
> 	To:     user2 at mango.zw		\.gif$ \.jpg$ \.pdf$ 
> \.xls$ \.mid$ \.pps$ \.doc$
> 
> 	# Default (block nothing)
> 	FromOrTo:       default
> 
> Finally, if you want full control, you can do it the old way:
> 
> Filename Rules = %rules-dir%/filename.rules Filetype Rules = 
> %rules-dir%/filetype.rules
> 
> and then in these files you can specify individual 
> configuration files by user, eg:
> 
> filename.rules:
> 
> 	# List of users allowed to send any filenames
> 	From:	user1 at mango.zw		
> %etc-dir%/filename.rules.allowall.conf
> 
> 	# Users sending anything between each other
> 	From:	user2 at mango.zw and To: user3 at mango.zw	
> %etc-dir%/filename.rules.allowall.conf
> 	From:	user3 at mango.zw and To: user2 at mango.zw	
> %etc-dir%/filename.rules.allowall.conf
> 
> 	# Customised settings
> 	To:	user4 at mango.zw	%etc-dir%/filename.rules.user4.conf
> 
> 	# Default
> 	FromOrTo:	default		%etc-dir%/filename.rules.conf
> 
> and similarly for filetype.rules.
> 	
> All of these configuration files will have the same type of 
> format as the original default %etc-dir%/filename.rules.conf 
> and %etc-dir%/filetype.rules.
> 
> Regards
> 
> Jim Holland
> System Administrator
> MANGO - Zimbabwe's non-profit e-mail service
  
Great thanks Jim. 

That detailed explanation has helped me get my head around it.

Much appreciated.

Regards

Colin