Allow and block filenames on same domain - Take2

Corne Kotze Cornek at synaq.com
Thu Nov 30 14:38:28 GMT 2006 

Sorry, slight amendment to email sent out earlier
Please see *****

Corne Kotze wrote:
> Hi,
>
> Maybe my question was bit vague.
> I should have said it like this:
> I have just under 500 email accounts on my system(mail server), all on 
> one domain, and all incoming emails are being scanned by MailScanner.
> My Question:
> How can I allow certain file attachments in emails sent to 40 of the 
> email accounts on the domain through, and then still block those 
> attachments for all the other email accounts on that same domain?
>
*****
> Example:
> pete at work.com is a director
> joe at work.com is a clerk
>
> Now a "movie.avi" is sent from hans at company.com  TO  pete at work.com and 
> he should receive the file
> BUT
> A "video.mov" is sent from trevor at gov.com  TO  joe at work.com  and that 
> email should then be blocked
>
> Thanks
>
>
>
> Glenn Steen wrote:
>> On 29/11/06, Corne Kotze <Cornek at synaq.com> wrote:
>>> Hi all,
>>>
>>> I have MailScanner setup on Linux, all is working 100%, but now the
>>> company wants to allow all managers and directors to receive almost
>>> anything, while the rest of the users are blocked.
>>> In /etc/MailScanner/filename.rules.conf - I have made some changes to
>>> allow for zip files etc for the managers and directors.
>>> Then I copied the file to:
>>> /etc/MailScanner/filename.rules.users.conf - Here I made all the 
>>> changes
>>> to block all files needed to be blocked for the users.
>>>
>>> In /etc/MailScanner/rules/filename.rules - I have a number of entries
>>> for the managers and directors looking like this:
>>> To: email addres at domain.com /etc/MailScanner/filename.rules.conf
>>> And for the rest of the users it looks like this:
>>> *@domain.com /etc/MailScanner/filename.rules.users.conf
>>>
>>> Now for some reason if an email is sent with a .ppt attachment to a
>>> director that is supposed to be allowed, that email is blocked by 
>>> one of
>>> the custom rules, example:
>>>
>>> #################################################################
>>>
>>> Our e-mail content detector has just been triggered by a message you 
>>> sent:
>>>   To: email address at domain.com
>>>   Subject:  test 123
>>>   Date: Wed Nov 29 14:07:51 2006
>>>
>>> One or more of the attachments (Test.pps) are on
>>> the list of unacceptable attachments for this site and will not have
>>> been delivered.
>>>
>>> Consider renaming the files to avoid this constraint.
>>>
>>> The virus detector said this about the message:
>>> Report: Report: ScanSrv: Custom block (Test.pps)
>>>
>>> ########################################################################## 
>>>
>>>
>>> But this attachment is allowed in: /etc/MailScanner/filename.rules.conf
>>> And the directors email address is pointing to this file.
>>>
>>> Any help please...
>>>
>>> Thank you
>>>
>> Your ruleset seems to be rather wrong. Take a look at the EXAMPLES in
>> the rules directory, and also look at the wiki...
>> http://wiki.mailscanner.info/doku.php?id=&idx=documentation:configuration:rulesets 
>>
>> and more specifically
>> http://wiki.mailscanner.info/doku.php?id=documentation:configuration:rulesets:overloading 
>>
>>
>

-- 
 

Regards,

Corne Kotze
Managed Services Support Engineer
SYNAQ (Pty) Ltd
Tel: 011 245 5888
Fax: 011 783 9275
Web: http://www.synaq.com

More information about the MailScanner mailing list