allowing attachment filelname

Dan Carl danc at bluestarshows.com
Mon Dec 18 23:12:41 CET 2006


----- Original Message ----- 
From: "Glenn Steen" <glenn.steen at gmail.com>
To: "MailScanner discussion" <mailscanner at lists.mailscanner.info>
Sent: Monday, December 18, 2006 3:00 PM
Subject: Re: allowing attachment filelname


> On 18/12/06, Dan Carl <danc at bluestarshows.com> wrote:
> > ----- Original Message -----
> > From: "Glenn Steen" <glenn.steen at gmail.com>
> > To: "MailScanner discussion" <mailscanner at lists.mailscanner.info>
> > Sent: Monday, December 18, 2006 12:54 PM
> > Subject: Re: allowing attachment filelname
> >
> >
> > > On 18/12/06, Dan Carl <danc at bluestarshows.com> wrote:
> > > > Ok I have a certain filename I want to let through.
> > > > I added a rule to my filename.rules.conf.
> > > > A followed the instructions
> > > > NOTE: Fields are separated by TAB characters --- Important!
> > > > I've checked my mailscanner.conf and its set to:
> > > > Filename Rules = %etc-dir%/filename.rules.conf
> > > > Why is the attachment still being quarantined?
> > > > Im using ClamAV and F-Prot
> > > Well, why is it quarantined? Look in the logs... Should tell you well
> > enough...
> > > One could guess that perhaps it is blocked by filetype? Or by an AV
> > At Mon Dec 18 10:30:14 2006 the virus scanner said:
> >    ClamAV Module: BACKUP.qpb was infected: Encrypted.Zip
>
> Aha, so it's really clamav (or rather clamavmodule:-) that is triggering.
> You'll have to make it accept that filename (in clamscan,
> clamavmodule), or not let clam block password encrypted archives
> (might be a tad too forgiving:) or just plain stop
> encrypting/passwd-protecting the zipfile ... or something similar that
> fits your bill:-).
>

Its a backup from quick books point of sale.
It is automatically encryted there no way round it.

> Haven't checked this, but what happens if you set "Allow Password
> Protected Archives = yes" (or a ruleset to that effect)? There're some
> settings for ClamavModule too that might effect how this plays out ...
> Perhaps do a limit of recursion? I'm not sure if that will work...
> Look at
http://www.mailscanner.info/MailScanner.conf.index.html#ClamAVmodule%20Maximum%20Recursion%20Level
> ...

Ok setting Allow Password Protected Archives= yes
Allowed the file to come through.
I know I can make a rule set to tighten it up alot more, but I this my only
alternive?
I know could have then use ftp server to send/receive but I'm affraid this
would turn into a support nightmare for me.

Why does adding it to filename.rules.conf have no effect?


>
> If you use clamscan, you could edit the wrapper and set/unset things
> there ... I suppose:-)-
>
> > > scanner? Or perhaps you forgot to restart MailScanner?
> > Yes restarted
> > > Without better/more info than the above, we can't really be more
> > Here's the line I added to filename.rules.conf
> Didn't reach us/me, but no matter... As you can see already... this
> isn't a filename problem.
>
> > > specific, sorry.
> > >
>
>
> -- 
> -- Glenn
> email: glenn < dot > steen < at > gmail < dot > com
> work: glenn < dot > steen < at > ap1 < dot > se
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!



More information about the MailScanner mailing list