Rules Mistake???
Denis Beauchemin
Denis.Beauchemin at USherbrooke.ca
Mon Dec 4 21:03:52 GMT 2006
Stef Morrell a écrit :
> I have a client who receives encrypted zip files from her accountant.
> These end up marked as virus due to the inability of the scanning
> engines to unpack them. I'm trying to disable virus scanning for this
> (only) sender when sending to this specific user.
>
> In MailScanner.conf I have:
>
> Virus Scanning = %rules-dir%/antivirus.rules
>
> and in my anti-virus.rules
>
> To: lotsofclients at clients.com yes
> ...
> To: thisclient at heraddress.com and From:
> accountant at heraccountant.co.uk no
> To: thisclient at heraddress.com yes
> ...
> FromOrTo: default no
>
> However this doesn't seem to stop the scanning.
>
> Where have I gone wrong?
>
>
>
Stef,
I think you should rather use:
# Should archives which contain any password-protected files be allowed?
# Leaving this set to "no" is a good way of protecting against all the
# protected zip files used by viruses at the moment.
# This can also be the filename of a ruleset.
Allow Password-Protected Archives = %rules-dir%/pwd.archives.rules
and:
# cat pwd.archives.rules
FromOrTo: user1 at yourdomain yes
FromOrTo: Default no
Denis
--
_
°v° Denis Beauchemin, analyste
/(_)\ Université de Sherbrooke, S.T.I.
^ ^ T: 819.821.8000x62252 F: 819.821.8045
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3595 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20061204/1a69f782/smime.bin
More information about the MailScanner
mailing list