Different rules for files within archives

Julian Field MailScanner at ecs.soton.ac.uk
Tue Mar 31 20:38:51 IST 2009



On 31/3/09 18:22, Scott Silva wrote:
> on 3-31-2009 9:56 AM Mark Sapiro spake the following:
>    
>> Julian Field wrote:
>>
>>      
>>> It's now ready for testing by other people.
>>> If you are interested in this at all, please do give it a try, as it
>>> will be going into 4.76.
>>>
>>> The download links are these:
>>>
>>> http://www.mailscanner.info/files/4/rpm/MailScanner-4.76.1-1.rpm.tar.gz
>>> http://www.mailscanner.info/files/4/suse/MailScanner-4.76.1-1.suse.tar.gz
>>> http://www.mailscanner.info/files/4/tar/MailScanner-install-4.76.1-1.tar.gz
>>>
>>> The ChangeLog tells you about it a bit, and if you look in the
>>> MailScanner.conf file for "Archives Are" and all the new options at the
>>> end of the same section, you'll find it all.
>>>
>>> Please test it for me!
>>>        
>>
>> I have just done the RPM install, and I have questions and a problem.
>>
>> First the questions:
>>
>> The comments in MailScanner.conf say
>>
>>      
>>> # There are now 2 sets of configurations for filename and filetype checking.
>>> # One set of configuration options applies to normal attachments, these are
>>> # marked by their names starting with "Archives:".
>>> # The other set applies to files found within attachments which are archives,
>>> # their names do *not* start with "Archives:".
>>>        
>>
>> Isn't the above backwards?
>>      
Absolutely. Well spotted.
>> Also added to MailScanner.conf is the following
>>
>>      
>>> # These are the equivalent of the settings above, except they apply to
>>> # files which are contained within "archives", as defined by the
>>> # "Archives Are" setting at the top of this section.
>>> # They can all be rulesets.
>>> Archives: Allow Filenames =
>>> Archives: Deny Filenames =
>>> Archives: Filename Rules = %etc-dir%/filename.rules.conf
>>> Archives: Allow Filetypes =
>>> Archives: Allow File MIME Types =
>>> Archives: Deny Filetypes =
>>> Archives: Deny File MIME Types =
>>> Archives: Filetype Rules = %etc-dir%/filetype.rules.conf
>>>        
>> and the changelog says:
>>
>>      
>>> By default, the checks applied to files within archives are the same as
>>> those applied to normal attachments that are not within an archive.
>>>        
>> I'm a little confused about what that means. Does it just mean that the
>> defaults for the Archives: settings are set to the same values as the
>> defaults for the non-Archive: settings
Yes.
>>   or does it mean for example
>> that if I have
>>
>> Allow Filenames = %rules-dir%/allow.filename.rules
>>
>> and I also have
>>
>> Archives: Allow Filenames =
>>
>> that the ruleset for Allow Filenames also applies to Archives: Allow
>> Filenames?
>>      
No.
>> Now for the problem. Starting MailScanner gives:
>>
>> Starting MailScanner:       Syntax error(s) in configuration file: at
>> /usr/lib/MailScanner/MailScanner/Config.pm line 1962
>> Unrecognised keyword "unpackmicrosoftdocuments" at line 498 at
>> /usr/lib/MailScanner/MailScanner/Config.pm line 1965
>> Warning: syntax errors in /etc/MailScanner/MailScanner.conf. at
>> /usr/lib/MailScanner/MailScanner/Config.pm line 1970
>>
>> Apparently this version doesn't like
>>
>> Unpack Microsoft Documents = yes
>>      
Correct. I screwed up the ConfigDefs.pl file.

I am publishing 4.76.2-1 as I type this, which has these two items 
corrected.

Download from
http://www.mailscanner.info/files/4/rpm/MailScanner-4.76.2-1.rpm.tar.gz
http://www.mailscanner.info/files/4/suse/MailScanner-4.76.2-1.suse.tar.gz
http://www.mailscanner.info/files/4/tar/MailScanner-install-4.76.2-1.tar.gz

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list