Need to allow blackberry EPT.DAT files

Robert Lopez rlopezcnm at
Fri Sep 11 22:34:01 IST 2009

On Fri, Sep 11, 2009 at 3:07 PM, Glenn Steen <glenn.steen at> wrote:
> 2009/9/11 Robert Lopez <rlopezcnm at>:
>> Some offices of the college are being affected by some blocked data
>> files. They are .dat files and we do not want to unblock .dat files.
>> I am told in this case the data files are part of syncing blackberry
>> applications to desktop applications.
>> I considered allowing EPT.DAT, but that seems like too much of an
>> opportunity for the wrong persons.
>> Here are some of the facts:
>> Report: MailScanner: No programs allowed (ETP.DAT)
>> Received: from
>> ( [])
>>        by (Postfix) with SMTP id 625296604E2
>>        for <slederle at>; Fri, 11 Sep 2009 06:56:02 -0600 (MDT)
>>  Received: from
>> ( [])
>>        by (Postfix) with ESMTP id 65EBA2E257F
>>        for <xxxxxx at>; Fri, 11 Sep 2009 12:55:46 +0000 (UTC)
>> Would it take a custom modification to 'allow EPT.DAT files only from
>> *' or could a file rule accomplish it?
>> The filename.rules.conf seems to not be able to deal with the domain
>> restriction.
>> Looking at it seems there could be a
>> /etc/MailScanner/spam.bydomain/whitelist/blackberry file if everything
>> from and from prod.on.blackberry was wanted to be
>> allowed. As I have no idea what mail could come from
>> those it does not seem wise to just open for everything from them. [I
>> have not found a way to ask blackberry/rim any questions.]
> Not really a custom thing, but unpalatable any which way you look at it.
> The problem isn't the filename, which is trivially handled via a
> normal ruleset (multiple filename.rules.conf, where you can allow the
> relevant filename for the blaberry domain (bevare the subdomains...
> aieee!!! Yes, I truly hate RIM/blackberry for this lunacy), but the
> fact that they send a BINARY file without ascii armor. Oh they send
> that too, but that is entirely beside the point, since they rely on
> the binary attachment getting through.
> The problem is that the "encrypted stuff" in that file can (and will,
> as you have noticed)trigger ANY filetype line. So one need use a
> "filetypewhitelist" for the blackberry domain (they, of course, have
> too many sending servers to be able to keep up with using only IPs, so
> you need bare yourself to forgeries here... AAAARRRGH!). It is a PITA.
> It is either this, or stop using blackberries... Try selling that to
> the CEOs:-).
> BTW, the file is for BB activations, not synchronization.
> Cheers (yeah, Am slightly drunk, so ... letting some pent-up stem loose here:-)
> --
> -- Glenn
> email: glenn < dot > steen < at > gmail < dot > com
> work: glenn < dot > steen < at > ap1 < dot > se
> --
> MailScanner mailing list
> mailscanner at
> Before posting, read
> Support MailScanner development - buy the book off the website!

You have been so helpful to me and others I believe you are entitled
to some steam.

Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106

More information about the MailScanner mailing list