Daniel, > i´ve got a problem with Banned File Rules on amavisd 2.3.2. ... > # block certain double extensions in filenames > qr'(?# BLOCK DOUBLE-EXTENSIONS ) > ^ (.*\t)? N= [^\t\n]* \. [^./\t\n]* [A-Za-z] [^./\t\n]* \. > (exe|vbs|pif|scr|bat|cmd|com|cpl|dll) \.? (\t.*)? $'xmi, ... > # # within PC archives allow any types or names at any depth > [ qr'(?#rule-7) ^ (.*\t)? T=(zip|rar|arc|arj|zoo) (\t.*)? $'xmi => 0 ],
> When I send a file test.zip with content: > Realvnc-3.3.7-x86_win32.zip > -> Realvnc-4_1_1-x86_win32.exe > Realvnc-4_1_1-x86_win32.zip > -> vnc-4_1_1-x86_win32.exe > > I got an unwanted rule match. Heres the log entry: > Aug 9 17:16:57 uxsmtp12 amavis[15173]: (15173-02) p.path BANNED:1 > [EMAIL PROTECTED]: "P=p003,L=1,M=multipart/mixed | > P=p002,L=1/2,M=application/x-zip-compressed,T=zip,N=Test.zip | > P=p004,L=1/2/1,T=zip,N=Realvnc-3.3.7-x86_win32.zip | > P=p006,L=1/2/1/1,T=exe,T=exe-ms,N=Realvnc-3.3.7-x86_win32.exe", > matching_key="(?mix-s:(?# BLOCK DOUBLE-EXTENSIONS )\n ^ (.*\t)? N= > [^\t\n]* \\. [^./\t\n]* [A-Za-z] [^./\t\n]* \\.\n > (exe|vbs|pif|scr|bat|cmd|com|cpl|dll) \\.? (\t.*)? $)" > > Should not all content within the Test.zip archive be allowed. You need to move the rule which allows T=zip BEFORE the rule which blocks, in this case double extensions. The order matters, the first matching rule wins. > I can send the Archives Realvnc-3.3.7-x86_win32.zip and > Realvnc-4_1_1-x86_win32.zip standalone and get not banned. That shouldn't be, unless the top level zip was not recognized as such and not properly decoded. Check the logs. Mark ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
