Filename.rules.conf
Thomas Stephen Lee
lee.iitb at gmail.com
Thu Oct 31 04:02:19 UTC 2019
Hi,
We too had same issue.
put the rules in both filename.rules.conf and archive.filename.rules.conf
and ran the following command with our email ids replaced.
$ echo "Testing MailScanner new config for whitelisting rocketmail dmarc on
$(date +"%d/%m/%Y") at $(date +"%T")" | mailx -a rocketmail.com.gz -r "User
<user at example.com>" -S from="From: User <user at example.com>" -s "Testing
MailScanner new config on $(date +"%d/%m/%Y") at $(date +"%T")"
user at example.com
and the mail came through without issues.
Also, you can send one or two mails to some contact with rocketmail id from
your server and wait for the dmarc report.
thanks
---
Thomas Stephen Lee
On Thu, Oct 31, 2019 at 4:03 AM Kevin Miller <kevin.miller at juneau.org>
wrote:
> Thanks again for looking Mark. I have entries in both filename.rules.conf
> and archive.filename.rules.conf. I think the path of least resistance at
> this point is just to enter "rocketmail.com.gz" in them as well. If that's
> what it's seeing, then I'll just live with it and give it a pass.
>
> Funny thing is, I haven't received any more reports from rocketmail since
> last week. Sooner or later one should turn up I expect.
>
> Best...
>
> ...Kevin
> --
> Kevin Miller
> Network/email Administrator, CBJ MIS Dept.
> 155 South Seward Street
> Juneau, Alaska 99801
> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357
>
> -----Original Message-----
> From: MailScanner <mailscanner-bounces+kevin.miller=
> juneau.org at lists.mailscanner.info> On Behalf Of Mark Sapiro
> Sent: Wednesday, October 30, 2019 10:39 AM
> To: mailscanner at lists.mailscanner.info
> Subject: Re: Filename.rules.conf
>
> EXTERNAL E-MAIL: BE CAUTIOUS WHEN OPENING FILES OR FOLLOWING LINKS
>
> ________________________________
>
> On 10/28/19 3:13 PM, Kevin Miller wrote:
> >
> >> Again, the name MailScanner is rejecting is "rocketmail.com.gz". To
> understand why, we need to see all the MIME part headers from the message.
> >
> > It's in the pastebin post.
>
> The pastebin post is clear that the only name is "rocketmail.com!
> jnuairport.com!1571875200!1571961599.xml.gz" and any of the regexps
> '.*\.com[^.]*\.xml\.gz$', '.*\.com[^.]*\.xml(\.gz)?$' or
> '.*\.com[^.]*[^.]\.com*[^.]*.xml.*\.gz$' will match that.
>
> I've looked at the code and it appears that MailScanner is actually
> looking at what it calls safename which may or may not be the
> "rocketmail.com.gz" name in the report. I'm not particularly fluent in perl
> and I haven't found exactly how safename is made from the original name.
> I'm not sure, but I'm guessing that that will also be the name of the
> attachment stored in the /var/spool/MailSanner/quarantine/<DATE>/QUEUE.ID/
> directory.
>
> But if that's the case and it's looking at a name like "rocketmail.com.gz"
> which it made from "rocketmail.com!jnuairport.com!1571875200!1571961599.xml.gz",
> it's hard to understand why other similar names are accepted.
>
> I do note that your earlier posts referred to the file being contained in
> a zip archive and you needed to put your allow rules in
> archives.filename.rules.conf. However, the file in the pastbin is not in a
> zip archive so it needs a rule in filename.rules.conf. Do you have your
> rules in both places?
>
>
> --
> Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
> San Francisco Bay Area, California better use your sense - B. Dylan
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20191031/ff2e1fb1/attachment.html>
More information about the MailScanner
mailing list