Filename rule question

Marco Induni minduni at ti-edu.ch
Wed Jul 4 08:34:33 IST 2007


Julian Field wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> 
> Glenn Steen wrote:
>> On 03/07/07, Marco Induni <minduni at ti-edu.ch> wrote:
>>> Hi All,
>>> I try to deny some email attachments based just on the filename.
>>> So I setup the following test rule to deny all attachment for email
>>> sended to me at pluto.com (obviously just a real address)
>>>
>>> - in /etc/MailScanner/Mailscanner.conf
>>> -- Filename Rules = %rules-dir%/filename-rules.rules
>>>
>>> - in /etc/MailScanner/rules/filename-rules.rules
>>> -- To: me at pluto.com           /etc/MailScanner/filename-alldeny.conf
>>> -- FromOrTo: default
>>> /etc/MailScanner/filename-nocheck.rules.conf
>>>
>>> - in /etc/MailScanner/filename-alldeny.conf
>>> -- deny    .*      -            -
>>>
>>> - in /etc/MailScanner/filename-nocheck.rules.conf
>>> -- allow    .*      -           -
>>>
>>>
>>> So I expect that any attachment will be denied, but is not true.
>>> It seems that everything is passing through, and the rule is not
>>> matching anything.
>>> I've done MailScanner --lint and no syntax error appear.
>>> I've also tried the standard rules enclosed (deny .exe .reg,...), but
>>> didn't work.
>> When  troubleshooting things like these, always doublecheck your
>> assumptions with MailScanner itself... Try "MailScanner --help" to see
>> the possible things you can do ... apart from the well-known --debug
>> and --lint (start by doing a lint... it'll show you any bad syntax
>> errors), you can also try any setting with any sender/receiver .... In
>> your case you'd test
>> MailScanner --value=filenamerules --from=anyone at example.net 
>> --to=me at pluto.com
>> and perhaps some variations ... Replace with addresses valid to your 
>> situation.
>>
>>> Question, for the filename rule to work, should I always setup also the
>>> filetype rule ?
>> Almost always a good thing to do, yes. Check those with the same
>> strategy/commands.
>>
>>
>>> Any other ideas ?
>>> Where I'm wrong ?

Julian,
thanks for your answer.
I've double checked and the rule is separated with TAB.

Should be something else...

Marco




>> Probably a typo. Might be related to those files needing to be <TAB>
>> separated...
> That catches out a lot of people. filename.rules.conf and its brethren 
> have to be tab-separated as otherwise the filename and filetype regular 
> expressions cannot include spaces.
> 
>> Cheers
> 
> Jules
> 
> - -- 
> Julian Field MEng CITP
> www.MailScanner.info
> Buy the MailScanner book at www.MailScanner.info/store
> 
> MailScanner customisation, or any advanced system administration help?
> Contact me at Jules at Jules.FM
> 
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> For all your IT requirements visit www.transtec.co.uk
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.2 (Build 2014)
> Charset: ISO-8859-1
> 
> wj8DBQFGipQmEfZZRxQVtlQRArW3AKCz+ALm1GvtddoQRXs+K/A6RZ8qmQCeMDH8
> d9kZ/HGBrzpKDSCi4+DL/Ds=
> =J68O
> -----END PGP SIGNATURE-----
> 

-- 
Marco Induni
Universita` della Svizzera italiana
Servizi informatici / TI-EDU
Galleria 2
CH-6928 Manno (Switzerland)
E-mail: minduni at ti-edu.ch
Tel: +41 58 666 6656
Fax: +41 58 666 6650


More information about the MailScanner mailing list