Allowing a filename

Rick Cooper rcooper at dwford.com
Wed Jan 4 22:34:11 UTC 2017


Right at the top of filename.rules.conf place (<TAB> means hit the tab key)
 
allow<TAB>COL.+\.tmp\.doc$<TAB>Allow Special COLXXX.tmp.doc<TAB>Allow
Special COLXXX.tmp.doc
 
Your did not say if XXX was always a number or always an addition 3 chars if
always number of at least 3 digits
allow<TAB>COL\d{3,}\.tmp\.doc$<TAB>Allow Special COLXXX.tmp.doc<TAB>Allow
Special COLXXX.tmp.doc
 
any three chars
allow<TAB>COL.{3}\.tmp\.doc$<TAB>Allow Special COLXXX.tmp.doc<TAB>Allow
Special COLXXX.tmp.doc
 
If it always comes from xyz at abc.com (and you trust them completely) then
place the following in filename.rules
 
From: <TAB>xyz at abc.com
 
if the local part can be different but always same domain the use
From: <TAB>*@abc.com
 
If there is nothing on the right side of that address then no file name
checking will be done. Bear in mind if you would just like that one pass
made create a special version of the filename.rules.conf (like
COLXXX.filename.rules.conf)
and use
From<TAB>*@abc.com<TAB>/your/path/to/MailScanner/etc/COLXXX.filename.rules.c
onf
 
and then only that domain would have the additional pass but all other rules
would still apply. Look that those two files, there is a lot you can do.
 
All of this assumes the file does not come in an archive (zip/rar) in which
cases you would use the .archive version of those same files.
 
Rick Cooper
 
  _____  

From: MailScanner
[mailto:mailscanner-bounces+rcooper=dwford.com at lists.mailscanner.info] On
Behalf Of Jason Waters
Sent: Wednesday, January 04, 2017 10:49 AM
To: MailScanner Discussion
Subject: Allowing a filename


I have a client that sends doc files but through their system and they come
as COLXXX.tmp.doc 


The X's change so we would need to account for that.  These are legit and
would like to build a rule to allow them. I'm assuming it would be in
filename.rules.conf?  Could someone help me out?  Also they always from from
the same domain.  I tried white listing that domain, but that didn't allow
them to pass.  Thanks.

Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20170104/6c5acfad/attachment.html>


More information about the MailScanner mailing list