.AGP Files

Pedro Bordin Hoffmann - [M]orpheus pedro.hoffmann at gmail.com
Thu Jun 5 18:41:28 IST 2008


Hummm, I'll test the remove of signature.

But, some doubts has come to mind :)

From:    user at domain.com
From:    192.168.1.25 yes

Should be like that?
I have only one user that sends this kind a message. Don't want to all
output messages goes without passing by mailscanner.

So will be like that the scan.messages.rule file?

Thanks
Pedro

2008/6/5 Rodney Green <rgreen at trayerproducts.com>:

> Should the "FromorTo: default yes" statement be the last line in the
> scan.messages.rule file?
>
> Alex Neuman wrote:
>
>> Scanning for viruses doesn't corrupt files.
>> Modifying the message after it's scanned (adding signatures and headers)
>> may make digital signatures like DKIM and such fail their specific checks
>> because the message has been modified.
>> Allowing the file through doesn't corrupt the file. It changes the
>> message.
>> You need to NOT process those messages. Try adding:
>> Scan Messages = %rules-dir%/scan.messages.rules
>>
>> And in your scan.messages.rules file, located within the %rules-dir%
>> folder, add:
>>
>> FromOrTo:    default    yes
>> From:    xx.xx.xx.xx    no
>>
>> ... where xx.xx.xx.xx is the IP address of the sending server.
>>
>> You could ask "why not use From: *@domain.com"... that would mean that
>> anyone could pretend to be from that domain and get through mailscanner
>> untouched.
>>
>> In fact, the truly paranoid could use:
>>
>> From:    blabla at domain.com    and    From:    xx.xx.xx.xx    yes
>>
>> That would mean a message would have to be from blabla at domain.com AND
>> come from that IP in order to skip processing by MailScanner. Fake messages
>> from elsewhere would be scanned, and messages that don't have that AGP thing
>> would be scanned because they come from somebody else that doesn't use them.
>>
>> On Jun 5, 2008, at 9:30 AM, Pedro Bordin Hoffmann - [M]orpheus wrote:
>>
>>
>>
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20080605/aacef9c4/attachment.html


More information about the MailScanner mailing list