Hi,
I'm currently trying to add support for per recipient banned files rules
to Webavis.
I can't have that functionnality to work with my LDAP installation.
To test, I put in amavisd.conf:
%banned_rules = (
'EXE' => new_RE(
qr'^application/x-msdos-program$'i,
qr'^\.(exe-ms)$',
qr'^\.(exe|lha|tnef|cab|dll)$',
),
'DBLE_EXT' => new_RE(
qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
),
'DEFAULT' => $banned_filename_re,
);
I then add 2 amavisBannedRulesNames attributes to my user, the first
with value EXE and the other DEFAULT.
With that settings, all attachments are blocked.
Here are the interesting parts of logs:
-/usr/sbin/amavisd-new[3837]: lookup_ldap_attr(amavisbannedrulenames)
"[EMAIL PROTECTED]" result=(ARRAY(0xa4fc9f4))
-/usr/sbin/amavisd-new[3837]: (03837-01) lookup: (scalar) matches,
result="DEFAULT"
-/usr/sbin/amavisd-new[3837]: (03837-01) lookup (banned_filename), 2
matches for "[EMAIL PROTECTED]", results:
"/cached/"=>["EXE","DEFAULT"], "(constant:DEFAULT)"=>"DEFAULT"
-/usr/sbin/amavisd-new[3837]: (03837-01) collect banned table[1]:
[EMAIL PROTECTED], tables:
-/usr/sbin/amavisd-new[3837]: (03837-01) starting banned checks -
traversing message structure tree
-/usr/sbin/amavisd-new[3837]: (03837-01) check_for_banned (p003,p001)
multipart/mixed | text/plain,.txt
-/usr/sbin/amavisd-new[3837]: (03837-01) doing banned check for
[EMAIL PROTECTED] on multipart/mixed | text/plain,.txt
-/usr/sbin/amavisd-new[3837]: (03837-01) lookup: (scalar) matches,
result="EXE"
-/usr/sbin/amavisd-new[3837]: (03837-01) lookup
(check_bann:[EMAIL PROTECTED]) => true,
["multipart/mixed","text/plain",".txt"] matches, result="EXE",
matching_key="(constant:EXE)"
-/usr/sbin/amavisd-new[3837]: (03837-01) p.path BANNED:EXE
[EMAIL PROTECTED]: "P=p003,L=1,M=multipart/mixed |
P=p001,L=1/1,M=text/plain,T=txt", matching_key="(constant:EXE)"
-/usr/sbin/amavisd-new[3837]: (03837-01) banned check: any=1, all=Y (1)
First, why is there at the second line a scalar matches 'DEFAULT' which
is always there whatever I put in the LDAP parameters?
Second, why does the 'EXE' entry is considered as a scalar match instead
of beeing considered as a key in the %banned_rules array?
Due to that scalar match, every attachments are blocked.
Did I do something wrong?
--
Jérôme
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
