Different rules for files within archives

Mark Sapiro mark at msapiro.net
Tue Mar 31 17:56:21 IST 2009

Julian Field wrote:

>It's now ready for testing by other people.
>If you are interested in this at all, please do give it a try, as it 
>will be going into 4.76.
>The download links are these:
>The ChangeLog tells you about it a bit, and if you look in the 
>MailScanner.conf file for "Archives Are" and all the new options at the 
>end of the same section, you'll find it all.
>Please test it for me!

I have just done the RPM install, and I have questions and a problem.

First the questions:

The comments in MailScanner.conf say

># There are now 2 sets of configurations for filename and filetype checking.
># One set of configuration options applies to normal attachments, these are
># marked by their names starting with "Archives:".
># The other set applies to files found within attachments which are archives,
># their names do *not* start with "Archives:".

Isn't the above backwards?

Also added to MailScanner.conf is the following

># These are the equivalent of the settings above, except they apply to
># files which are contained within "archives", as defined by the
># "Archives Are" setting at the top of this section.
># They can all be rulesets.
>Archives: Allow Filenames =
>Archives: Deny Filenames =
>Archives: Filename Rules = %etc-dir%/filename.rules.conf
>Archives: Allow Filetypes =
>Archives: Allow File MIME Types =
>Archives: Deny Filetypes =
>Archives: Deny File MIME Types =
>Archives: Filetype Rules = %etc-dir%/filetype.rules.conf

and the changelog says:

> By default, the checks applied to files within archives are the same as
> those applied to normal attachments that are not within an archive.

I'm a little confused about what that means. Does it just mean that the
defaults for the Archives: settings are set to the same values as the
defaults for the non-Archive: settings or does it mean for example
that if I have

Allow Filenames = %rules-dir%/allow.filename.rules

and I also have

Archives: Allow Filenames =

that the ruleset for Allow Filenames also applies to Archives: Allow

Now for the problem. Starting MailScanner gives:

Starting MailScanner:       Syntax error(s) in configuration file: at
/usr/lib/MailScanner/MailScanner/Config.pm line 1962
Unrecognised keyword "unpackmicrosoftdocuments" at line 498 at
/usr/lib/MailScanner/MailScanner/Config.pm line 1965
Warning: syntax errors in /etc/MailScanner/MailScanner.conf. at
/usr/lib/MailScanner/MailScanner/Config.pm line 1970

Apparently this version doesn't like

Unpack Microsoft Documents = yes

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the MailScanner mailing list