Maurizio wrote:
> i want a certain domain (eg datalogica.com) using my mailgw could send zipped
> attaches with password and containing .exe files
> i searched docs
> http://www.ijs.si/software/amavisd/amavisd-new-docs.html#wblist
> and i find that to whitelist a domain i should add it to this lookup list:
> @whitelist_sender_maps
> i dunno in which files of that under /etc/amavis/conf.d; i tried to add it to:
> 50-user
> # See /usr/share/doc/amavisd-new/ for documentation and examples of
> # the directives you can use in this file
> #
> @whitelist_sender_maps = (['.datalogica.com']);
> with no success
> i tried 20-debian_defaults
> after:
> # read_hash("/var/amavis/sender_scores_sitewide"),
> { # a hash-type lookup table (associative array)
> '[EMAIL PROTECTED]' => -3.0,
> '[EMAIL PROTECTED]' => -3.0,
> [..]
> '.datalogica.com' => -100.0,
> with no success
> any help will be apreciated :)
> -- maurizio
Whitelisting has nothing to do with banned files, it is only for spam.
Here is the standard $banned_filename_re provided with amavisd-new
2.3.2 (with comments removed):
$banned_filename_re = new_RE(
qr'\.[^./]*[A-Za-z][^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
qr'^application/x-msdownload$'i, # block these MIME types
qr'^application/x-msdos-program$'i,
qr'^application/hta$'i,
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
qr'^\.(exe-ms)$', # banned file(1) types
);
This is how it could be modified to allow password protected zips
containing .exe files (notice how [ qr'^UNDECIPHERABLE$'=> 0 ], was
added and .exe related entries are moved after this):
$banned_filename_re = new_RE(
qr'\.[^./]*[A-Za-z][^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
qr'^application/hta$'i,
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
qr'.\.(vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
[ qr'^UNDECIPHERABLE$'=> 0 ], # Allow password protected archives
qr'^application/x-msdownload$'i, # block these MIME types
qr'^application/x-msdos-program$'i,
qr'.\.(exe)$'i,
qr'^\.(exe-ms)$', # banned file(1) types
);
This should allow any sender to send password encrypted archived .exe
files. You can limit this to certain senders by using a policy bank.
See amavisd.conf-sample and
http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks
http://marc.theaimsgroup.com/?l=amavis-user&m=113364463710590&w=2
Gary V
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
