Filename rule question

Julian Field MailScanner at ecs.soton.ac.uk
Tue Jul 3 19:23:33 IST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Glenn Steen wrote:
> On 03/07/07, Marco Induni <minduni at ti-edu.ch> wrote:
>> Hi All,
>> I try to deny some email attachments based just on the filename.
>> So I setup the following test rule to deny all attachment for email
>> sended to me at pluto.com (obviously just a real address)
>>
>> - in /etc/MailScanner/Mailscanner.conf
>> -- Filename Rules = %rules-dir%/filename-rules.rules
>>
>> - in /etc/MailScanner/rules/filename-rules.rules
>> -- To: me at pluto.com           /etc/MailScanner/filename-alldeny.conf
>> -- FromOrTo: default
>> /etc/MailScanner/filename-nocheck.rules.conf
>>
>> - in /etc/MailScanner/filename-alldeny.conf
>> -- deny    .*      -            -
>>
>> - in /etc/MailScanner/filename-nocheck.rules.conf
>> -- allow    .*      -           -
>>
>>
>> So I expect that any attachment will be denied, but is not true.
>> It seems that everything is passing through, and the rule is not
>> matching anything.
>> I've done MailScanner --lint and no syntax error appear.
>> I've also tried the standard rules enclosed (deny .exe .reg,...), but
>> didn't work.
>
> When  troubleshooting things like these, always doublecheck your
> assumptions with MailScanner itself... Try "MailScanner --help" to see
> the possible things you can do ... apart from the well-known --debug
> and --lint (start by doing a lint... it'll show you any bad syntax
> errors), you can also try any setting with any sender/receiver .... In
> your case you'd test
> MailScanner --value=filenamerules --from=anyone at example.net 
> --to=me at pluto.com
> and perhaps some variations ... Replace with addresses valid to your 
> situation.
>
>> Question, for the filename rule to work, should I always setup also the
>> filetype rule ?
>
> Almost always a good thing to do, yes. Check those with the same
> strategy/commands.
>
>
>> Any other ideas ?
>> Where I'm wrong ?
>
> Probably a typo. Might be related to those files needing to be <TAB>
> separated...
That catches out a lot of people. filename.rules.conf and its brethren 
have to be tab-separated as otherwise the filename and filetype regular 
expressions cannot include spaces.

>
> Cheers

Jules

- -- 
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.2 (Build 2014)
Charset: ISO-8859-1

wj8DBQFGipQmEfZZRxQVtlQRArW3AKCz+ALm1GvtddoQRXs+K/A6RZ8qmQCeMDH8
d9kZ/HGBrzpKDSCi4+DL/Ds=
=J68O
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk



More information about the MailScanner mailing list