Hummm, I'll test the remove of signature.<br><br>But, some doubts has come to mind :)<br><br>From: <a href="mailto:user@domain.com">user@domain.com</a><br>
From: <a href="http://192.168.1.25">192.168.1.25</a> yes<br><br>Should be like that?<br>I have only one user that sends this kind a message. Don't want to all output messages goes without passing by mailscanner.<br>
<br>So will be like that the scan.messages.rule file?<br><br>Thanks<br>Pedro <br><br><div class="gmail_quote">2008/6/5 Rodney Green <<a href="mailto:rgreen@trayerproducts.com">rgreen@trayerproducts.com</a>>:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Should the "FromorTo: default yes" statement be the last line in the scan.messages.rule file?<div class="Ih2E3d"><br>
<br>
Alex Neuman wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Scanning for viruses doesn't corrupt files.<br>
Modifying the message after it's scanned (adding signatures and headers) may make digital signatures like DKIM and such fail their specific checks because the message has been modified.<br>
Allowing the file through doesn't corrupt the file. It changes the message.<br>
You need to NOT process those messages. Try adding:<br>
Scan Messages = %rules-dir%/scan.messages.rules<br>
<br>
And in your scan.messages.rules file, located within the %rules-dir% folder, add:<br>
<br>
FromOrTo: default yes<br>
From: xx.xx.xx.xx no<br>
<br>
... where xx.xx.xx.xx is the IP address of the sending server.<br>
<br>
You could ask "why not use From: *@<a href="http://domain.com" target="_blank">domain.com</a>"... that would mean that anyone could pretend to be from that domain and get through mailscanner untouched.<br>
<br>
In fact, the truly paranoid could use:<br>
<br>
From: <a href="mailto:blabla@domain.com" target="_blank">blabla@domain.com</a> and From: xx.xx.xx.xx yes<br>
<br>
That would mean a message would have to be from <a href="mailto:blabla@domain.com" target="_blank">blabla@domain.com</a> AND come from that IP in order to skip processing by MailScanner. Fake messages from elsewhere would be scanned, and messages that don't have that AGP thing would be scanned because they come from somebody else that doesn't use them.<br>
<br>
On Jun 5, 2008, at 9:30 AM, Pedro Bordin Hoffmann - [M]orpheus wrote:<br>
<br>
<br>
</blockquote>
<br>
<br>
<br></div><font color="#888888">
-- <br>
This message has been scanned for viruses and<br>
dangerous content by MailScanner, and is<br>
believed to be clean.</font><div><div></div><div class="Wj3C7c"><br>
<br>
-- <br>
MailScanner mailing list<br>
<a href="mailto:mailscanner@lists.mailscanner.info" target="_blank">mailscanner@lists.mailscanner.info</a><br>
<a href="http://lists.mailscanner.info/mailman/listinfo/mailscanner" target="_blank">http://lists.mailscanner.info/mailman/listinfo/mailscanner</a><br>
<br>
Before posting, read <a href="http://wiki.mailscanner.info/posting" target="_blank">http://wiki.mailscanner.info/posting</a><br>
<br>
Support MailScanner development - buy the book off the website! <br>
</div></div></blockquote></div><br>