Different rules for files within archives
mark at msapiro.net
Tue Mar 31 17:56:21 IST 2009
Julian Field wrote:
>It's now ready for testing by other people.
>If you are interested in this at all, please do give it a try, as it
>will be going into 4.76.
>The download links are these:
>The ChangeLog tells you about it a bit, and if you look in the
>MailScanner.conf file for "Archives Are" and all the new options at the
>end of the same section, you'll find it all.
>Please test it for me!
I have just done the RPM install, and I have questions and a problem.
First the questions:
The comments in MailScanner.conf say
># There are now 2 sets of configurations for filename and filetype checking.
># One set of configuration options applies to normal attachments, these are
># marked by their names starting with "Archives:".
># The other set applies to files found within attachments which are archives,
># their names do *not* start with "Archives:".
Isn't the above backwards?
Also added to MailScanner.conf is the following
># These are the equivalent of the settings above, except they apply to
># files which are contained within "archives", as defined by the
># "Archives Are" setting at the top of this section.
># They can all be rulesets.
>Archives: Allow Filenames =
>Archives: Deny Filenames =
>Archives: Filename Rules = %etc-dir%/filename.rules.conf
>Archives: Allow Filetypes =
>Archives: Allow File MIME Types =
>Archives: Deny Filetypes =
>Archives: Deny File MIME Types =
>Archives: Filetype Rules = %etc-dir%/filetype.rules.conf
and the changelog says:
> By default, the checks applied to files within archives are the same as
> those applied to normal attachments that are not within an archive.
I'm a little confused about what that means. Does it just mean that the
defaults for the Archives: settings are set to the same values as the
defaults for the non-Archive: settings or does it mean for example
that if I have
Allow Filenames = %rules-dir%/allow.filename.rules
and I also have
Archives: Allow Filenames =
that the ruleset for Allow Filenames also applies to Archives: Allow
Now for the problem. Starting MailScanner gives:
Starting MailScanner: Syntax error(s) in configuration file: at
/usr/lib/MailScanner/MailScanner/Config.pm line 1962
Unrecognised keyword "unpackmicrosoftdocuments" at line 498 at
/usr/lib/MailScanner/MailScanner/Config.pm line 1965
Warning: syntax errors in /etc/MailScanner/MailScanner.conf. at
/usr/lib/MailScanner/MailScanner/Config.pm line 1970
Apparently this version doesn't like
Unpack Microsoft Documents = yes
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the MailScanner