Need to allow blackberry EPT.DAT files

Peter Farrow peter at farrows.org
Sun Sep 13 11:10:13 IST 2009


Robert Lopez wrote:
> On Fri, Sep 11, 2009 at 3:07 PM, Glenn Steen <glenn.steen at gmail.com> wrote:
>   
>> 2009/9/11 Robert Lopez <rlopezcnm at gmail.com>:
>>     
>>> Some offices of the college are being affected by some blocked data
>>> files. They are .dat files and we do not want to unblock .dat files.
>>> I am told in this case the data files are part of syncing blackberry
>>> applications to desktop applications.
>>> I considered allowing EPT.DAT, but that seems like too much of an
>>> opportunity for the wrong persons.
>>>
>>> Here are some of the facts:
>>>
>>> Report: MailScanner: No programs allowed (ETP.DAT)
>>>
>>> Received: from mailrouter1104.na.blackberry.net
>>> (mailrouter1104.na.blackberry.net [204.187.87.55])
>>>        by xxxx.cnm.edu (Postfix) with SMTP id 625296604E2
>>>        for <slederle at cnm.edu>; Fri, 11 Sep 2009 06:56:02 -0600 (MDT)
>>>  Received: from ETP1107.etp.prod.on.blackberry
>>> (etp1107.etp.prod.on.blackberry [172.23.40.50])
>>>        by mailrouter1104.na.blackberry.net (Postfix) with ESMTP id 65EBA2E257F
>>>        for <xxxxxx at cnm.edu>; Fri, 11 Sep 2009 12:55:46 +0000 (UTC)
>>>
>>> Would it take a custom modification to 'allow EPT.DAT files only from
>>> *.na.blackberry.net' or could a file rule accomplish it?
>>>
>>> The filename.rules.conf seems to not be able to deal with the domain
>>> restriction.
>>>
>>> Looking at CustomConfig.pm it seems there could be a
>>> /etc/MailScanner/spam.bydomain/whitelist/blackberry file if everything
>>> from na.blackberry.net and from prod.on.blackberry was wanted to be
>>> allowed. As I have no idea what mail could come from
>>> those it does not seem wise to just open for everything from them. [I
>>> have not found a way to ask blackberry/rim any questions.]
>>>       
>> Not really a custom thing, but unpalatable any which way you look at it.
>> The problem isn't the filename, which is trivially handled via a
>> normal ruleset (multiple filename.rules.conf, where you can allow the
>> relevant filename for the blaberry domain (bevare the subdomains...
>> aieee!!! Yes, I truly hate RIM/blackberry for this lunacy), but the
>> fact that they send a BINARY file without ascii armor. Oh they send
>> that too, but that is entirely beside the point, since they rely on
>> the binary attachment getting through.
>> The problem is that the "encrypted stuff" in that file can (and will,
>> as you have noticed)trigger ANY filetype line. So one need use a
>> "filetypewhitelist" for the blackberry domain (they, of course, have
>> too many sending servers to be able to keep up with using only IPs, so
>> you need bare yourself to forgeries here... AAAARRRGH!). It is a PITA.
>> It is either this, or stop using blackberries... Try selling that to
>> the CEOs:-).
>> BTW, the file is for BB activations, not synchronization.
>>
>> Cheers (yeah, Am slightly drunk, so ... letting some pent-up stem loose here:-)
>> --
>> -- Glenn
>> email: glenn < dot > steen < at > gmail < dot > com
>> work: glenn < dot > steen < at > ap1 < dot > se
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website!
>>
>>     
>
> You have been so helpful to me and others I believe you are entitled
> to some steam.
>
>   
<soapbox>
I have to say I have had this problem, and have resorted to LAN 
activation over wifi in the past.  I have also sat there and whitelist 
IPs until you have enough to get it through on the first few tries.

Blackberrys are a PITA, but as an IT consultant they are good revenue 
earners because they consume so much time.  I have pointed this out to 
many of my clients, but CEOs as you say, just seem to be hooked on them.

The whole Blackberry system, BES etc is all badly thought out and thrown 
together...and randomly stops working at times...
</soapbox>


-- 
This message has been scanned for viruses and
dangerous content by the Inexcom system Scanner,
and is believed to be clean.
Advanced heuristic mail scanning server [-].
http://www.inexcom.co.uk

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090913/5c24a013/attachment.html


More information about the MailScanner mailing list