File name/type actions?
Julian Field
MailScanner at ecs.soton.ac.uk
Tue Jan 22 18:56:11 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Would you want a separate email, or a message prepended to the start of
the email containing the problem attachment? The latter, I suspect.
Unfortunately, this really isn't at all easy to do. I doubt I can do it,
but I will take a look even so.
Best regards,
Jules.
Greg Borders wrote:
>
> Greetings fellow MailScanners! I've got an interesting question that
> was brought
> to my attention by a user. They recently had a file attachment that
> triggered
> one of the file type rules. (filename.rules.conf) And it was of course
> sent to the quarantine.
>
> In general, TheCompany doesn't want to block files,
> they want a notification that it triggered a rule, and still deliver it,
> just like the system can do for spam:
>
>
> Use SpamAssassin = yes
> #
> # What to do with spam
> # --------------------
> # notify - Send the recipients a short notification
> Spam Actions = store deliver header "X-Spam-Status: Yes"
>
>
> Would it be possible to emulate this same action on the other set of
> filters/checks?
> (Namely the file name/type checks in this case.)
> Correct me if I'm wrong, but I think the file name/type checks are
> governed by
> the dangerous content setting:
>
> #
> # Removing/Logging dangerous or potentially offensive content
> # -----------------------------------------------------------
> #
>
> # Do you want to scan the messages for potentially dangerous content?
> # Setting this to "no" will disable all the content-based checks except
> # Virus Scanning, Allow Partial Messages and Allow External Message
> Bodies.
> # This can also be the filename of a ruleset.
> Dangerous Content Scanning = yes
>
>
>
> It would be nice to have a simple add-on such as a new directive:
>
> Dangerous Content Actions = store notify deliver
>
> Thus emulate the same logic as the Spam Actions, but I know how Jules
> hates to add more to the conf file than necessary.
>
> Perhaps adding in a ruleset that points to a custom function is an
> option?
>
> Thanks in advance for your advice.
>
> Greg. Borders
>
>
> --
>
> This email message and any document accompanying it may contain
> information intended only for the person(s) named. Any use,
> distribution, copying or disclosure by another person is strictly
> prohibited. NOTICE TO PERSONS SUBJECT TO UNITED STATES TAXATION:
> DISCLOSURE UNDER TREASURY CIRCULAR 230:
> Any tax advice included in this written or electronic communication
> was not intended or written to be used, and it cannot be used by the
> taxpayer, for the purpose of avoiding any penalties that may be
> imposed on the taxpayer by any governmental taxing authority or
> agency. This written or electronic communication does not represent
> legal advice. Persons in need of a legal opinion should seek competent
> counsel.
>
Jules
- --
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.7.0 (Build 1012)
Comment: Use Thunderbird's Enigmail add-on to verify this message
Charset: ISO-8859-1
wj8DBQFHljxNEfZZRxQVtlQRAhOJAJ0fP3pnWAqK92r89lQTXRwvWyISOACeI1U0
oXvR/gFD+1/4PKclS+aFgwI=
=f4ve
-----END PGP SIGNATURE-----
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list