On Tue, Jul 26, 2005 at 10:53:32AM -0400, Joel Nimety wrote: > Hello -- I've just upgrade to amavis-2.3.2. I'm using LDAP lookups for > per domain/user maps. I have a user who has BypassBannedChecks=TRUE set > in LDAP yet he still is having attachments blocked. I've turned up > logging for myself using $debug_sender_acl and I've sent the user an > .exe file. Here's the log. Notice that amavis successfully looks-up > BypassBannedChecks=TRUE but still performs the banned blocking. Is this > a bug? Please let me know if more information is required. Thanks.
The logs below are incomplete, I don't see anything like: Jul 2 12:15:18 ukiah amavis[10649]: (10649-01) Checking for banned types and fi lenames Jul 2 12:15:18 ukiah amavis[10649]: (10649-01) lookup_ldap_attr(amavisbypassban nedchecks) "[EMAIL PROTECTED]" result=(1) ... > > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP< RCPT > TO:<[EMAIL PROTECTED]>\r\n > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys: > [EMAIL PROTECTED], rcpt@, rcptdomain.com, .rcptdomain.com, .com, . > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) > lookup_hash([EMAIL PROTECTED]), no matches > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup (local_domains) > => undef, "[EMAIL PROTECTED]" does not match > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) query_keys: > [EMAIL PROTECTED], @rcptdomain.com, @.rcptdomain.com, @.com, @. > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap > "[EMAIL PROTECTED]", query keys: "[EMAIL PROTECTED]", > "@rcptdomain.com", "@.rcptdomain.com", "@.com", "@.", base: o=na, > filter: (&(objectclass=amavisaccount)(cybalternatedomain=%m)) > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup_ldap: searching > base="o=na", scope="sub", > filter="(&(objectclass=amavisaccount)(|([EMAIL PROTECTED])([EMAIL > PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])([EMAIL PROTECTED])))" > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) > lookup_ldap([EMAIL PROTECTED]) matches, > result=(cybalternatedomain=>"@rcptdomain.com", > amavisbypassbannedchecks=>"TRUE", amavisbypassspamchecks=>"TRUE", > amavisspamlover=>"TRUE", amavisbypassviruschecks=>"TRUE") > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amavismessagesizelimit), no attribute, > "[EMAIL PROTECTED]" result=undef > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup > (message_size_limit) => undef, "[EMAIL PROTECTED]" does not match > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP> 250 2.1.5 > Recipient [EMAIL PROTECTED] OK > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) LMTP::10026 > /var/amavis/tmp/amavis-20050726T102756-32392: <[EMAIL PROTECTED]> > -> <[EMAIL PROTECTED]> Received: SIZE=1685477 from > mail06.perimeterco.com ([127.0.0.1]) by localhost > (mail06.perimeterco.com [127.0.0.1]) (amavisd-new, port 10026) with LMTP > id 32392-04 for <[EMAIL PROTECTED]>; Tue, 26 Jul 2005 10:29:38 -0400 (EDT) > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) Checking: EPI2-DPhWQFz > CF/MYNETS [63.76.208.2] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]> > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amavisbypassviruschecks) "[EMAIL PROTECTED]" result=(1) > Jul 26 10:29:38 mail06 amavis[32392]: (32392-04) lookup > (bypass_virus_checks) => true, "[EMAIL PROTECTED]" matches, > result="1", matching_key="/cached/" > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amavisbypassheaderchecks), no attribute, > "[EMAIL PROTECTED]" result=undef > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) query_keys: > [EMAIL PROTECTED], rcpt@, rcptdomain.com, .rcptdomain.com, .com, . > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_hash([EMAIL PROTECTED]), no matches > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup > (bypass_header_checks) => undef, "[EMAIL PROTECTED]" does not match > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup => true, > "[EMAIL PROTECTED]" matches, result="1", matching_key="(constant:1)" > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) p.path > [EMAIL PROTECTED]: "P=p003,L=1,M=multipart/mixed | > P=p001,L=1/1,M=text/plain,T=asc" > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) p.path BANNED:1 > [EMAIL PROTECTED]: "P=p003,L=1,M=multipart/mixed | > P=p002,L=1/2,M=application/x-ms-dos-executable,T=exe,T=exe-ms,N=dcom98.exe", > matching_key="(?mix-s:(?# BLOCK COMMON NAME EXENSIONS )\n ^ (.*\t)? > N= [^\t\n]* \\. > (pif|exe|cpl|swf|vbs|bat|cmd|com|dll|hta|js|jse|lnk|msi|ocx|reg|shs|vb|vbe|wsf|scr) > (\t.*)? $)" > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amavisbannedfileslover), no attribute, > "[EMAIL PROTECTED]" result=undef > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) query_keys: > [EMAIL PROTECTED], rcpt@, rcptdomain.com, .rcptdomain.com, .com, . > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_hash([EMAIL PROTECTED]), no matches > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup > (banned_files_lovers) => undef, "[EMAIL PROTECTED]" does not match > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amavisbannedquarantineto), no attribute, > "[EMAIL PROTECTED]" result=undef > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup > (banned_quarantine_to) => undef, "[EMAIL PROTECTED]" does not match > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amavisbannedadmin), no attribute, "[EMAIL PROTECTED]" > result=undef > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_acl([EMAIL PROTECTED]), no match > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup (banned_admin) > => undef, "[EMAIL PROTECTED]" does not match > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amavislocal), no attribute, "[EMAIL PROTECTED]" result=1 > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup (local_domains) > => true, "[EMAIL PROTECTED]" matches, result="1", matching_key="/cached/" > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > lookup_ldap_attr(amaviswarnbannedrecip), no attribute, > "[EMAIL PROTECTED]" result=undef > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) lookup > (warnbannedrecip) => true, "[EMAIL PROTECTED]" matches, result="1", > matching_key="(constant:1)" > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) string_to_mime_entity > To: <[EMAIL PROTECTED]> > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) (about to connect to > [127.0.0.1]:10225) SEND via SMTP: <[EMAIL PROTECTED]> -> > <[EMAIL PROTECTED]>Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) > response to RCPT TO for <[EMAIL PROTECTED]>: "250 Ok" > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) SEND via SMTP: > <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, 250 2.6.0 Ok, > id=32392-04, from MTA([127.0.0.1]:10225): 250 Ok: queued as 83BFC3A84A3 > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) parse_received: for = > <[EMAIL PROTECTED]>/<[EMAIL PROTECTED]>// > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) parse_received: for = > <[EMAIL PROTECTED]>/<[EMAIL PROTECTED]>// > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) Blocked BANNED > (P=p003,L=1,M=multipart/mixed | > P=p002,L=1/2,M=application/x-ms-dos-executable,T=exe,T=exe-ms,N=dcom98.exe), > CF/MYNETS LOCAL [63.76.208.2] [63.76.208.2] <[EMAIL PROTECTED]> -> > <[EMAIL PROTECTED]>, Message-ID: <[EMAIL PROTECTED]>, > mail_id: EPI2-DPhWQFz, Hits: -, 1490 ms > Jul 26 10:29:39 mail06 amavis[32392]: (32392-04) sending LMTP response > for <[EMAIL PROTECTED]>: "250 2.5.0 Ok [EMAIL PROTECTED], DSN sent > (550 5.7.1 Message content rejected, id=32392-04 - BANNED: > P=p003,L=1,M=multipart/mixed | > P=p002,L=1/2,M=application/x-ms-dos-executable,T=exe,T=exe-ms...)"Jul 26 > 10:29:39 mail06 amavis[32392]: (32392-04) LMTP> 250 2.5.0 Ok > [EMAIL PROTECTED], DSN sent (550 5.7.1 Message content rejected, > id=32392-04 - BANNED: P=p003,L=1,M=multipart/mixed | > P=p002,L=1/2,M=application/x-ms-dos-executable,T=exe,T=exe-ms...) > Jul 26 10:29:39 mail06 postfix/lmtp[644]: C75993A8246: > to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1], delay=5, > status=sent (250 2.5.0 Ok [EMAIL PROTECTED], DSN sent (550 5.7.1 > Message content rejected, id=32392-04 - BANNED: > P=p003,L=1,M=multipart/mixed | > P=p002,L=1/2,M=application/x-ms-dos-executable,T=exe,T=exe-ms...)) -- Mike Hall, System Admin - Rock Island Communications <[EMAIL PROTECTED]> System Admin - riverside.org, ssdd.org <[EMAIL PROTECTED]> ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
