Hank wrote: > On Thu, 2 Nov 2006 10:05:37 -0700 > Hank <[EMAIL PROTECTED]> wrote:
>> Hello All >> >> I'm currently using amavisnewsql-0.8.0-1.4, and I'm having trouble with >> allowing banned files to a single domain. I've tried the following >> in /etc/amavisd.conf >> >> @bypass_banned_checks_maps = ( [qw( myrealdomain.com )] ); >> @banned_files_lovers_maps = ( [qw( myrealdomain.com )] ); >> >> Sending an .exe to myself, it's still being BLOCKED and quarantined. It would seem an SQL policy has blocked it before given a chance to see what this static setting had to say about it. >> Doing a little more digging, I can create a new policy in the policy >> table in MySQL and set banned_files_lover=Y and bypass_banned_checks=Y, >> and this will work. I'm not really liking this method, since some of >> the users in the domain in question has custom policies set. Every user can have their own policy if you want or need to get that granular. Are you saying they have (for instance) bypass_banned_checks and banned_files_lover set to "N", but you want to override this? If so, this is possible. >> I can see >> issues if the users edits their policy (ie: change to global policy), >> their banned_files settings will be lost. Then either don't change policies, or they can if they like if they agree with whatever the other policy's settings are. >> The problem seems like the >> policy table is overriding the config settings. It will for fields that are not NULL. Notice that all policy settings (except id and policy_name) start out life as 'default NULL': http://www.ijs.si/software/amavisd/README.sql.txt but admittedly the provided examples change this for many of the fields. >From http://www.ijs.si/software/amavisd/README.lookups.txt : "Thus the default sequence of lookups: SQL, LDAP, hash, ACL, regexp, constant. The first that returns a definitive answer (not undef/NULL) stops the search." Search starts with SQL and ends with constants. First match wins. >> >> I was wondering a couple things... >> >> 1. Is my syntax correct in @bypass_banned_checks_maps and >> @banned_files_lovers_maps to allow banned files for an entire domain? >> Yes. >> 2. Does the Policy MySQL table always override the config bypass_maps >> settings? >> Not necessarily. As explained, lookups fall through to the first definitive answer. The key would be to set policy fields to NULL for those you want to fall through to static settings. >> 3. If so, is there a way to globally handle a domain in MySQL Policy Using this case as an example, you could create a policy with all fields NULL except for the two in question; assign it to the @domain user, then give the @domain user a higher priority than that domain's users. Probably not a typical way to do it however. In essence, if you give an @domain user a higher priority than other users, you can override the lower priority settings. >> or make this config setting apply after MySQL Policy is read? Create (or edit) polices with these two fields NULL and move users over to them (if needed). >> I'm currently using amavisd-new-2.4.1 > I was wondering if anyone could shed some light on this. It's starting > to become an issue, and would like to make one domain a banned files > lover, while maintaining the same policy with the other domains. > Any help is greatly appreciated! > Thanks! > hanji Gary V ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
