MailScanner at ecs.soton.ac.uk
Fri Feb 24 14:26:28 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
On 24 Feb 2006, at 13:11, Paul Houselander wrote:
> Ive set a ruleset as follows
> Scan Messages = %rules-dir%/scan.messages.rules
> In %rules-dir/scan.message.rules I have
> From: user at domain1.com and To: *@domain2.com no
> To: *@domain2.com yes
> FromOrTo: default no
> When im sending an email from user at domain1.com to
> anyone at domain2.com the
> message IS being scanned?
> Have I got the syntax wrong here?
Looks like the Scan Messages setting is an "all matches" rule. If any
rule for this option says "yes" then the message will be scanned.
What you are looking for is a "first match" rule so that it stops
searching the rules after the first hit and uses that setting.
I went for "all matches" for this one on the basis that you normally
want to tend towards scanning the message if any of the recipients
match a rule that says yes. You only want to _not_ scan it if all the
rules say no.
If you are prepared to apply a quick patch, edit /usr/lib/MailScanner/
MailScanner/ConfigDefs.pl. Find the line that starts with "ScanMail"
and move it from the [All,YesNo] section into the [First,YesNo]
section. Then restart MailScanner. "ScanMail" is the internal name I
used when implementing the code for the setting that eventually got
called "Scan Messages"; there is an internal to external translation
table at the top of that file.
Having a feature like being able to break out of a ruleset if a rule
matched would be helpful in situations like this, but I hate playing
with the configuration compiler. It works very well and is roughly
3000 lines of complicated code.
Buy the MailScanner book at www.MailScanner.info/store
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.5 (Build 5050)
-----END PGP SIGNATURE-----
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner