Hello -- I've just upgrade to amavis-2.3.2. I'm using LDAP lookups for per domain/user maps. I have a user who has BypassBannedChecks=TRUE set in LDAP yet he still is having attachments blocked. I've turned up logging for myself using $debug_sender_acl and I've sent the user an .exe file. Here's the log. Notice that amavis successfully looks-up BypassBannedChecks=TRUE but still performs the banned blocking. Is this a bug? Please let me know if more information is required. Thanks.
Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP< RCPT TO:<[EMAIL PROTECTED]>\r\n Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys: [EMAIL PROTECTED], rcpt@, rcptdomain.com, .rcptdomain.com, .com, . Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_hash([EMAIL PROTECTED]), no matches Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup (local_domains) => undef, "[EMAIL PROTECTED]" does not match Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys: [EMAIL PROTECTED], @rcptdomain.com, @.rcptdomain.com, @.com, @. Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap "[EMAIL PROTECTED]", query keys: "[EMAIL PROTECTED]", "@rcptdomain.com", "@.rcptdomain.com", "@.com", "@.", base: o=na, filter: (&(objectclass=amavisaccount)(cybalternatedomain=%m)) Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: searching base="o=na", scope="sub", filter="(&(objectclass=amavisaccount)(|([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])))" Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap([EMAIL PROTECTED]) matches, result=(cybalternatedomain=>"@rcptdomain.com", amavisbypassbannedchecks=>"TRUE", amavisbypassspamchecks=>"TRUE", amavisspamlover=>"TRUE", amavisbypassviruschecks=>"TRUE") Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap_attr(amavismessagesizelimit), no attribute, "[EMAIL PROTECTED]" result=undef Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup (message_size_limit) => undef, "[EMAIL PROTECTED]" does not match Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP> 250 2.1.5 Recipient [EMAIL PROTECTED] OK Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP::10026 /var/amavis/tmp/amavis-20050726T102756-32392: <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]> Received: SIZE=1685477 from mail06.perimeterco.com ([127.0.0.1]) by localhost (mail06.perimeterco.com [127.0.0.1]) (amavisd-new, port 10026) with LMTP id 32392-04 for <[EMAIL PROTECTED]>; Tue, 26 Jul 2005 10:29:38 -0400 (EDT) Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) Checking: EPI2-DPhWQFz CF/MYNETS [63.76.208.2] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]> Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap_attr(amavisbypassviruschecks) "[EMAIL PROTECTED]" result=(1) Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup (bypass_virus_checks) => true, "[EMAIL PROTECTED]" matches, result="1", matching_key="/cached/" Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup_ldap_attr(amavisbypassheaderchecks), no attribute, "[EMAIL PROTECTED]" result=undef Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) query_keys: [EMAIL PROTECTED], rcpt@, rcptdomain.com, .rcptdomain.com, .com, . Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup_hash([EMAIL PROTECTED]), no matches Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup (bypass_header_checks) => undef, "[EMAIL PROTECTED]" does not match Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup => true, "[EMAIL PROTECTED]" matches, result="1", matching_key="(constant:1)" Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) p.path [EMAIL PROTECTED]: "P=p003,L=1,M=multipart/mixed | P=p001,L=1/1,M=text/plain,T=asc" Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) p.path BANNED:1 [EMAIL PROTECTED]: "P=p003,L=1,M=multipart/mixed | P=p002,L=1/2,M=application/x-ms-dos-executable,T=exe,T=exe-ms,N=dcom98.exe", matching_key="(?mix-s:(?# BLOCK COMMON NAME EXENSIONS )\n ^ (.*\t)? N= [^\t\n]* \\. (pif|exe|cpl|swf|vbs|bat|cmd|com|dll|hta|js|jse|lnk|msi|ocx|reg|shs|vb|vbe|wsf|scr) (\t.*)? $)" Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup_ldap_attr(amavisbannedfileslover), no attribute, "[EMAIL PROTECTED]" result=undef Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) query_keys: [EMAIL PROTECTED], rcpt@, rcptdomain.com, .rcptdomain.com, .com, . Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup_hash([EMAIL PROTECTED]), no matches Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup (banned_files_lovers) => undef, "[EMAIL PROTECTED]" does not match Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup_ldap_attr(amavisbannedquarantineto), no attribute, "[EMAIL PROTECTED]" result=undef Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup (banned_quarantine_to) => undef, "[EMAIL PROTECTED]" does not match Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup_ldap_attr(amavisbannedadmin), no attribute, "[EMAIL PROTECTED]" result=undef Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup_acl([EMAIL PROTECTED]), no match Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup (banned_admin) => undef, "[EMAIL PROTECTED]" does not match Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup_ldap_attr(amavislocal), no attribute, "[EMAIL PROTECTED]" result=1 Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup (local_domains) => true, "[EMAIL PROTECTED]" matches, result="1", matching_key="/cached/" Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup_ldap_attr(amaviswarnbannedrecip), no attribute, "[EMAIL PROTECTED]" result=undef Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup (warnbannedrecip) => true, "[EMAIL PROTECTED]" matches, result="1", matching_key="(constant:1)" Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) string_to_mime_entity To: <[EMAIL PROTECTED]> Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) (about to connect to [127.0.0.1]:10225) SEND via SMTP: <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) response to RCPT TO for <[EMAIL PROTECTED]>: "250 Ok" Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) SEND via SMTP: <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, 250 2.6.0 Ok, id=32392-04, from MTA([127.0.0.1]:10225): 250 Ok: queued as 83BFC3A84A3 Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) parse_received: for = <[EMAIL PROTECTED]>/<[EMAIL PROTECTED]>// Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) parse_received: for = <[EMAIL PROTECTED]>/<[EMAIL PROTECTED]>// Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) Blocked BANNED (P=p003,L=1,M=multipart/mixed | P=p002,L=1/2,M=application/x-ms-dos-executable,T=exe,T=exe-ms,N=dcom98.exe), CF/MYNETS LOCAL [63.76.208.2] [63.76.208.2] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, Message-ID: <[EMAIL PROTECTED]>, mail_id: EPI2-DPhWQFz, Hits: -, 1490 ms Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) sending LMTP response for <[EMAIL PROTECTED]>: "250 2.5.0 Ok [EMAIL PROTECTED], DSN sent (550 5.7.1 Message content rejected, id=32392-04 - BANNED: P=p003,L=1,M=multipart/mixed | P=p002,L=1/2,M=application/x-ms-dos-executable,T=exe,T=exe-ms...)"Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) LMTP> 250 2.5.0 Ok [EMAIL PROTECTED], DSN sent (550 5.7.1 Message content rejected, id=32392-04 - BANNED: P=p003,L=1,M=multipart/mixed | P=p002,L=1/2,M=application/x-ms-dos-executable,T=exe,T=exe-ms...) Jul 26 10:29:39 mail06 postfix/lmtp[644]: C75993A8246: to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1], delay=5, status=sent (250 2.5.0 Ok [EMAIL PROTECTED], DSN sent (550 5.7.1 Message content rejected, id=32392-04 - BANNED: P=p003,L=1,M=multipart/mixed | P=p002,L=1/2,M=application/x-ms-dos-executable,T=exe,T=exe-ms...)) -- Joel Nimety Perimeter Internetworking Corp. 203.541.3416 ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
