Rules Mistake???

Denis Beauchemin Denis.Beauchemin at USherbrooke.ca
Mon Dec 4 21:03:52 GMT 2006


Stef Morrell a écrit :
> I have a client who receives encrypted zip files from her accountant.
> These end up marked as virus due to the inability of the scanning
> engines to unpack them. I'm trying to disable virus scanning for this
> (only) sender when sending to this specific user.
>
> In MailScanner.conf I have:
>
> Virus Scanning = %rules-dir%/antivirus.rules
>
> and in my anti-virus.rules
>
> To:	lotsofclients at clients.com 	yes
> ...
> To:	thisclient at heraddress.com	and From:
> accountant at heraccountant.co.uk   no
> To:	thisclient at heraddress.com 	yes
> ...
> FromOrTo: 	default		no
>
> However this doesn't seem to stop the scanning. 
>
> Where have I gone wrong?
>
>
>   
Stef,

I think you should rather use:
# Should archives which contain any password-protected files be allowed?
# Leaving this set to "no" is a good way of protecting against all the
# protected zip files used by viruses at the moment.
# This can also be the filename of a ruleset.
Allow Password-Protected Archives = %rules-dir%/pwd.archives.rules

and:
# cat pwd.archives.rules
FromOrTo:   user1 at yourdomain  yes
FromOrTo:   Default no

Denis

-- 
   _
  °v°   Denis Beauchemin, analyste
 /(_)\  Université de Sherbrooke, S.T.I.
  ^ ^   T: 819.821.8000x62252 F: 819.821.8045


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3595 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20061204/1a69f782/smime.bin


More information about the MailScanner mailing list