On Thu August 3 2006 16:48, Gary V wrote: > Gary wrote: > > > If I'm not mistaken, amavisd-new will allow encrypted zip files to > > pass. > > I am mistaken. Even if the zip is encrypted, the file names are still > evident, and may be blocked by banned settings. This thread > illustrates using [ qr'^UNDECIPHERABLE$'=> 0 ], to allow encrypted > zips to pass. > > 1) list items you want to block > 2) allow UNDECIPHERABLE > 3) list items you want to block unless they are UNDECIPHERABLE > > http://marc.theaimsgroup.com/?l=amavis-user&m=111988384524492&w=2 > i edit a file test.txt, i write test into it; i uesed winzip to zip it and encrypt using password; i used Zip 2.0 compatible encryption;
now, in 20-debian_defaults i put: # [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within such archives [ qr'^UNDECIPHERABLE$'=> 0 ], qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic http://paste.debian.net/10192 to see the entire piece i force-reloaded and i still get Aug 3 17:06:08 mailgw1 amavis[21263]: (21263-06) Blocked INFECTED (Encrypted.Zip), [81.174.7.176] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, Message-ID: <[EMAIL PROTECTED]>, mail_id: Z3F3xNNlnjpm, Hits: -, 200 ms but it is not infected! what i am missing? TIA -- Maurizio Marini ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
