<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.10.0">
</HEAD>
<BODY>
It wasn't my decision. I work on contract, and it was the employers decision.<BR>
<BR>
On Wed, 2006-08-09 at 09:11 +0100, Julian Field wrote:
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">-----BEGIN PGP SIGNED MESSAGE-----</FONT>
<FONT COLOR="#000000">Hash: SHA1</FONT>
<FONT COLOR="#000000">If you like MailScanner that much, why are you going to deploy those </FONT>
<FONT COLOR="#000000">Barracudas?</FONT>
<FONT COLOR="#000000">A commercial setup of MailScanner (such as DefenderMX from </FONT>
<FONT COLOR="#000000"><A HREF="http://www.fsl.com">www.fsl.com</A>) will outperform Barracudas and is considerably cheaper. </FONT>
<FONT COLOR="#000000">There is a detailed feature and price comparison on <A HREF="http://www.fsl.com">www.fsl.com</A>.</FONT>
<FONT COLOR="#000000">On 9 Aug 2006, at 03:56, Golden, James wrote:</FONT>
<FONT COLOR="#000000">> Sorry for being so stupid. After looking through it again, I see </FONT>
<FONT COLOR="#000000">> what you were doing. 4 hours sleep a night catches up with you </FONT>
<FONT COLOR="#000000">> after awhile.</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Thanks for all the help.</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> We will be implementing the Barracuda's appliances here in the next </FONT>
<FONT COLOR="#000000">> 5 weeks or so, that is why I am trying to "skate" by with this </FONT>
<FONT COLOR="#000000">> setup for now. I figure what I am learning here will still help </FONT>
<FONT COLOR="#000000">> out when we move to those appliances.</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Although I have to say with the exception of the file attachment </FONT>
<FONT COLOR="#000000">> thing, since I upgraded and setup everything correctly (I think) </FONT>
<FONT COLOR="#000000">> everyone has been noticing the difference here! In fact the guy </FONT>
<FONT COLOR="#000000">> who handles the antivirus wasn't too happy with me, because now </FONT>
<FONT COLOR="#000000">> more viruses are being caught as spam first. Our virus numbers in </FONT>
<FONT COLOR="#000000">> email went from 200 - 300 a day to 1 - 10!</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Thanks all (Julian?!) for this fantastic software combination!. It </FONT>
<FONT COLOR="#000000">> ROCKS!</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Thanks all who have helped with replies (especially Stephen), and </FONT>
<FONT COLOR="#000000">> have put up with me!</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> James Golden</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> ----- Original Message -----</FONT>
<FONT COLOR="#000000">> From: <A HREF="mailto:mailscanner-bounces@lists.mailscanner.info">mailscanner-bounces@lists.mailscanner.info</A> on behalf of </FONT>
<FONT COLOR="#000000">> Stephen Swaney</FONT>
<FONT COLOR="#000000">> Sent: Tue, 8/8/2006 10:55am</FONT>
<FONT COLOR="#000000">> To: 'MailScanner discussion'</FONT>
<FONT COLOR="#000000">> Subject: RE: Retreiving attachments</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">>> -----Original Message-----</FONT>
<FONT COLOR="#000000">>> From: <A HREF="mailto:mailscanner-bounces@lists.mailscanner.info">mailscanner-bounces@lists.mailscanner.info</A> [mailto:mailscanner-</FONT>
<FONT COLOR="#000000">>> <A HREF="mailto:bounces@lists.mailscanner.info">bounces@lists.mailscanner.info</A>] On Behalf Of Rob Morin</FONT>
<FONT COLOR="#000000">>> Sent: Tuesday, August 08, 2006 9:35 AM</FONT>
<FONT COLOR="#000000">>> To: MailScanner discussion</FONT>
<FONT COLOR="#000000">>> Subject: Re: Retreiving attachments</FONT>
<FONT COLOR="#000000">>></FONT>
<FONT COLOR="#000000">>> On another note, has anyone come up with a way to retrieve </FONT>
<FONT COLOR="#000000">>> quarantined</FONT>
<FONT COLOR="#000000">>> attachments without the intervention of the sys admin? Meaning the </FONT>
<FONT COLOR="#000000">>> end</FONT>
<FONT COLOR="#000000">>> user can get them themselves?</FONT>
<FONT COLOR="#000000">>></FONT>
<FONT COLOR="#000000">>> I thought i heard a while back of some app to do this?</FONT>
<FONT COLOR="#000000">>></FONT>
<FONT COLOR="#000000">>> Have a good one!</FONT>
<FONT COLOR="#000000">>></FONT>
<FONT COLOR="#000000">>> Rob Morin</FONT>
<FONT COLOR="#000000">>> Dido InterNet Inc.</FONT>
<FONT COLOR="#000000">>> Montreal, Canada</FONT>
<FONT COLOR="#000000">>> <A HREF="Http://www.dido.ca">Http://www.dido.ca</A></FONT>
<FONT COLOR="#000000">>> 514-990-4444</FONT>
<FONT COLOR="#000000">>></FONT>
<FONT COLOR="#000000">>></FONT>
<FONT COLOR="#000000">>></FONT>
<FONT COLOR="#000000">>> Golden, James wrote:</FONT>
<FONT COLOR="#000000">>>> Thanks for the answer. Sorry for the long delay in the thanks</FONT>
<FONT COLOR="#000000">>>> departments.</FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>> One more question here,</FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>> Can I put more than one rules file in the Mailscanner.conf. </FONT>
<FONT COLOR="#000000">>>> Currently</FONT>
<FONT COLOR="#000000">>>> I am pointing to a ruleset already.</FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>> Currently mine looks like this</FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>> Filename Rules = %etc-dir%/filename.rules.conf</FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>> so would it look like this?</FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>> Filename Rules = %rules-dir%/filename.rules %etc-</FONT>
<FONT COLOR="#000000">>> dir%/filename.rules.conf</FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>> Or would I need to combine the .rules file into the .conf file</FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>> Thanks for the help.</FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>> James</FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>></FONT>
<FONT COLOR="#000000">>>> On Fri, 2006-08-04 at 17:50 -0400, Stephen Swaney wrote:</FONT>
<FONT COLOR="#000000">>>>>> -----Original Message-----</FONT>
<FONT COLOR="#000000">>>>>> From: <A HREF="mailto:mailscanner-bounces@lists.mailscanner.info">mailscanner-bounces@lists.mailscanner.info</A> </FONT>
<FONT COLOR="#000000">>>>>> <mailto:mailscanner-</FONT>
<FONT COLOR="#000000">>> <A HREF="mailto:bounces@lists.mailscanner.info">bounces@lists.mailscanner.info</A>> [mailto:mailscanner-</FONT>
<FONT COLOR="#000000">>>>>> <A HREF="mailto:bounces@lists.mailscanner.info">bounces@lists.mailscanner.info</A></FONT>
<FONT COLOR="#000000">>> <mailto:<A HREF="mailto:bounces@lists.mailscanner.info">bounces@lists.mailscanner.info</A>>] On Behalf Of Golden, James</FONT>
<FONT COLOR="#000000">>>>>> Sent: Friday, August 04, 2006 5:10 PM</FONT>
<FONT COLOR="#000000">>>>>> To: MailScanner discussion</FONT>
<FONT COLOR="#000000">>>>>> Subject: Re: Retreiving attachments</FONT>
<FONT COLOR="#000000">>>>>></FONT>
<FONT COLOR="#000000">>>>>> The attachments seem to be .doc or .xls or others and the client</FONT>
<FONT COLOR="#000000">>> always</FONT>
<FONT COLOR="#000000">>>>>> seems to be Outlook.</FONT>
<FONT COLOR="#000000">>>>>></FONT>
<FONT COLOR="#000000">>>>>> On Fri, 2006-08-04 at 16:38 -0400, Golden, James wrote:</FONT>
<FONT COLOR="#000000">>>>>></FONT>
<FONT COLOR="#000000">>>>>></FONT>
<FONT COLOR="#000000">>>>>> Hello,</FONT>
<FONT COLOR="#000000">>>>>></FONT>
<FONT COLOR="#000000">>>>>> I've have been wasting my whole day trying to figure out </FONT>
<FONT COLOR="#000000">>>>>> how to do</FONT>
<FONT COLOR="#000000">>>>>> this. Can anyone could help besides telling me to install </FONT>
<FONT COLOR="#000000">>>>>> Mailwatch</FONT>
<FONT COLOR="#000000">>>>>> (because it's not an option right now).</FONT>
<FONT COLOR="#000000">>>>>></FONT>
<FONT COLOR="#000000">>>>>> I have messages that are being snagged by MailScanner </FONT>
<FONT COLOR="#000000">>>>>> because the</FONT>
<FONT COLOR="#000000">>>>>> attachment is too large. When I go to the directory the </FONT>
<FONT COLOR="#000000">>>>>> attachment</FONT>
<FONT COLOR="#000000">>> is in</FONT>
<FONT COLOR="#000000">>>>>> binary in the message.</FONT>
<FONT COLOR="#000000">>>>>></FONT>
<FONT COLOR="#000000">>>>>> I tried using a sendmail -t < message, but of course it </FONT>
<FONT COLOR="#000000">>>>>> gets snagged</FONT>
<FONT COLOR="#000000">>>>>> again by MS. Is there an option I'm missing to store the </FONT>
<FONT COLOR="#000000">>>>>> attachments</FONT>
<FONT COLOR="#000000">>>>>> separately from the message, is there a way to send this on </FONT>
<FONT COLOR="#000000">>>>>> without</FONT>
<FONT COLOR="#000000">>> it</FONT>
<FONT COLOR="#000000">>>>>> being scanned? Is there a way to get the attachment out of the</FONT>
<FONT COLOR="#000000">>> message?</FONT>
<FONT COLOR="#000000">>>>>></FONT>
<FONT COLOR="#000000">>>>>> I need help soon as this is becoming a large issue today </FONT>
<FONT COLOR="#000000">>>>>> (about 6</FONT>
<FONT COLOR="#000000">>>>>> end users) and my boss is hearing about it!</FONT>
<FONT COLOR="#000000">>>>>></FONT>
<FONT COLOR="#000000">>>>>> Thanks,</FONT>
<FONT COLOR="#000000">>>>>></FONT>
<FONT COLOR="#000000">>>>>> James</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> You need to create a rule sets that exempt the localhost from</FONT>
<FONT COLOR="#000000">>> attachment</FONT>
<FONT COLOR="#000000">>>>> filename and filetype checking. If you have a Red Hat, CentOS or </FONT>
<FONT COLOR="#000000">>>>> SuSE</FONT>
<FONT COLOR="#000000">>>>> system, the following paths will be correct. They will vary on </FONT>
<FONT COLOR="#000000">>>>> other</FONT>
<FONT COLOR="#000000">>> systems</FONT>
<FONT COLOR="#000000">>>>> but the same principals will work.</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> First create two files:</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> /etc/MailScanner/filename.rules.allowall.conf</FONT>
<FONT COLOR="#000000">>>>> /etc/MailScanner/filetype.rules.allowall.conf</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> The contents of each file will be identical:</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> allow *. - -</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> The spaces MUST be Tabs so the contents of both files is really:</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> allow<Tab>*.<Tab>->Tab>-</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> Then create the file /etc/MailScanner/rules/filename.rules. The</FONT>
<FONT COLOR="#000000">>> contents of</FONT>
<FONT COLOR="#000000">>>>> this file should be:</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> # Allow all filenames from localhost</FONT>
<FONT COLOR="#000000">>>>> From: 127.0.0.0 /etc/MailScanner/filename.rules.allowall.conf</FONT>
<FONT COLOR="#000000">>>>> # Default entry</FONT>
<FONT COLOR="#000000">>>>> FromOrTo: default /etc/MailScanner/ </FONT>
<FONT COLOR="#000000">>>>> filename.rules.conf</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> Then create the file /etc/MailScanner/rules/filetype.rules. The</FONT>
<FONT COLOR="#000000">>> contents of</FONT>
<FONT COLOR="#000000">>>>> this file should be:</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> # Allow all filetypes from localhost</FONT>
<FONT COLOR="#000000">>>>> From: 127.0.0.0 /etc/MailScanner/filetype.rules.allowall.conf</FONT>
<FONT COLOR="#000000">>>>> # Default entry</FONT>
<FONT COLOR="#000000">>>>> FromOrTo: default /etc/MailScanner/ </FONT>
<FONT COLOR="#000000">>>>> filetype.rules.conf</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> Then edit /etc/MailScanner.conf to call the new rulesets. Change </FONT>
<FONT COLOR="#000000">>>>> the</FONT>
<FONT COLOR="#000000">>> setting</FONT>
<FONT COLOR="#000000">>>>> for Filename Rules to be:</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> Filename Rules = %rules-dir%/filename.rules</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> And change the setting for Filetype Rules to be:</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> Filetype Rules = %rules-dir%/filetype.rules</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> Then reload MailScanner.</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> You should now be able to release the files using the `sendmail - </FONT>
<FONT COLOR="#000000">>>>> t <</FONT>
<FONT COLOR="#000000">>>>> message` command without MailScanner re-quarantining the files.</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> Have a nice weekend.</FONT>
<FONT COLOR="#000000">>>>></FONT>
<FONT COLOR="#000000">>>>> Steve</FONT>
<FONT COLOR="#000000">>>>> Stephen Swaney</FONT>
<FONT COLOR="#000000">>>>> Fort Systems Ltd.</FONT>
<FONT COLOR="#000000">>>>> <A HREF="mailto:stephen.swaney@fsl.com">stephen.swaney@fsl.com</A> <mailto:<A HREF="mailto:stephen.swaney@fsl.com">stephen.swaney@fsl.com</A>></FONT>
<FONT COLOR="#000000">>>>> <A HREF="http://www.fsl.com">www.fsl.com</A> <<A HREF="http://www.fsl.com">http://www.fsl.com</A>></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Open Source: MailWatch for MailScanner mailwatch.sourceforge.net</FONT>
<FONT COLOR="#000000">> Commercial (based on MailScanner and MailWatch) DefenderMX <A HREF="http://www.fsl.com">www.fsl.com</A></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Please contact me off list for more information about either.</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Thanks,</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Steve</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Stephen Swaney</FONT>
<FONT COLOR="#000000">> Fort Systems Ltd.</FONT>
<FONT COLOR="#000000">> <A HREF="mailto:stephen.swaney@fsl.com">stephen.swaney@fsl.com</A></FONT>
<FONT COLOR="#000000">> <A HREF="http://www.fsl.com">www.fsl.com</A></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> -- </FONT>
<FONT COLOR="#000000">> MailScanner mailing list</FONT>
<FONT COLOR="#000000">> <A HREF="mailto:mailscanner@lists.mailscanner.info">mailscanner@lists.mailscanner.info</A></FONT>
<FONT COLOR="#000000">> <A HREF="http://lists.mailscanner.info/mailman/listinfo/mailscanner">http://lists.mailscanner.info/mailman/listinfo/mailscanner</A></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Before posting, read <A HREF="http://wiki.mailscanner.info/posting">http://wiki.mailscanner.info/posting</A></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Support MailScanner development - buy the book off the website!</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> --</FONT>
<FONT COLOR="#000000">> MailScanner mailing list</FONT>
<FONT COLOR="#000000">> <A HREF="mailto:mailscanner@lists.mailscanner.info">mailscanner@lists.mailscanner.info</A></FONT>
<FONT COLOR="#000000">> <A HREF="http://lists.mailscanner.info/mailman/listinfo/mailscanner">http://lists.mailscanner.info/mailman/listinfo/mailscanner</A></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Before posting, read <A HREF="http://wiki.mailscanner.info/posting">http://wiki.mailscanner.info/posting</A></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Support MailScanner development - buy the book off the website!</FONT>
<FONT COLOR="#000000">- -- </FONT>
<FONT COLOR="#000000">Julian Field</FONT>
<FONT COLOR="#000000"><A HREF="mailto:MailScanner@ecs.soton.ac.uk">MailScanner@ecs.soton.ac.uk</A></FONT>
<FONT COLOR="#000000">-----BEGIN PGP SIGNATURE-----</FONT>
<FONT COLOR="#000000">Version: PGP SDK 3.7.0</FONT>
<FONT COLOR="#000000">Charset: US-ASCII</FONT>
<FONT COLOR="#000000">wj8DBQFE2ZjAEfZZRxQVtlQRAtbQAKDSbEKggJwSMy75sFjxi8pPr2PYGgCaA0pu</FONT>
<FONT COLOR="#000000">A+YoIVWhhVgszzkXQPHrq+A=</FONT>
<FONT COLOR="#000000">=7c6C</FONT>
<FONT COLOR="#000000">-----END PGP SIGNATURE-----</FONT>
<FONT COLOR="#000000">-- </FONT>
<FONT COLOR="#000000">This message has been scanned for viruses and</FONT>
<FONT COLOR="#000000">dangerous content by MailScanner, and is</FONT>
<FONT COLOR="#000000">believed to be clean.</FONT>
<FONT COLOR="#000000">MailScanner thanks transtec Computers for their support.</FONT>
</PRE>
</BLOCKQUOTE>
</BODY>
</HTML>