Justin, > amavisd-new 2.2.1 (20041222) > With the following $banned_filename_re however, winmail.dat is still > getting caught as banned: > > $banned_filename_re = new_RE( > qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i, > qr'^application/x-msdownload$'i, > qr'^application/x-msdos-program$'i, > qr'^application/hta$'i, > [ qr'^\.(Z|gz|bz2)$' => 0 ], > [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], > [ qr'^winmail\.dat$' => 0 ], > qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, > qr'^\.(exe-ms)$', > [ qr'winmail.dat'i => 0 ], > qr'^\.(exe|lha|tnef|cab|dll)$', > [ qr'winmail.dat'i => 0 ], > ); > > The actual BANNED errors in syslog are: > > Aug 17 06:50:28 email amavis[31818]: (31818-08) p.path BANNED:1: > "P=p003,L=1,M=multipart/mixed | P=p002,L=1/2,M=application/ms- > tnef,T=tnef,N=winmail.dat", matching_key="(?-xism:^\\.(exe|lha|tnef| > cab|dll)$)"
You need amavisd-new-2.3.2 to pull that trick cleanly (banned_filename search order was fixed with changes in 2.3.0). There is no need to specify: [ qr'winmail.dat'i => 0 ], multiple times. Just make sure the rule is located _before_ the banning rule which is stopping the message, which in your example is: qr'^\.(exe|lha|tnef|cab|dll)$', Mark ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
