[mailscanner] Re: filetype permisson on per user base

[Ralf Cirksena]

On Tue, Feb 16, 2016 at 12:11:57PM +0100 you wrote:

> MailScanner doesn't know about envelope addresses.  You can only process 
> header addresses.

O.k., I should have known that. ;-)

> See http://www.configserver.com/techfaq/faqlist.php?catid=5&faqid=21&page=2 for 
> some examples.

Thank you. What I have now is:

/etc/Mailscanner/Mailscanner.conf:
Filetype Rules = %etc-dir%/filetype.rules

/etc/Mailscanner/filetype.rules:
From:		*@domain1.tld	%rules-dir%/filetype.rules.domain1.conf
FromOrTo:	*@domain2.tld	%rules-dir%/filetype.rules.domain2.conf
FromOrTo:	default		%rules-dir%/filetype.rules.conf

/etc/Mailscanner/rules/filetype.rules.conf
/etc/Mailscanner/rules/filetype.rules.domain1.conf
/etc/Mailscanner/rules/filetype.rules.domain2,conf

These 3 files are complete filetype rule files like:

allow	text		-			-
allow	\bscript	-			-
allow	archive		-			-
allow	postscript	-			-
deny	self-extract	No self-extracting archives	No self-extracting archives allowed
deny	Registry	No Windows Registry entries	No Windows Registry files allowed
deny	executable	No executables		No programs allowed
deny	ELF		No executables		No programs allowed

The only differences are the last 2 lines.
%rules-dir%/filetype.rules.domain1.conf:
allow	executable	No executables		No programs allowed
deny	ELF		No executables		No programs allowed

%rules-dir%/filetype.rules.domain1.conf:
deny	executable	No executables		No programs allowed
allow	ELF		No executables		No programs allowed

Is that the right way to assume that for every To: / From: / FormOrTo:
line in /etc/Mailscanner/filetype.conf will be checked only the file
in *that* line?

> For more details, look up "MailScanner Rulesets" - for example 
> https://www.mailscanner.info/ - Docs - Manual - Chapter 5 (page 67).

I will read that. Thanks, that seems to be as datailled as I need it.


Greetings,
-- 
R. Cirksena