HI all,
My goal is that my users (who are authenticated by SASL) can't send any
.exe attached file. So, in my amavis.conf config file I've got the next
code:
$policy_bank{'SASLBYPASS'} = { # mail from submission and smtps ports
bypass_spam_checks_maps => [1], # don't spam-check this mail
bypass_header_checks_maps => [1], # don't header-check this mail
banned_filename_maps => [
new_RE(
# block double extensions in names:
qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
# allow any name or type (except viruses) within an archive:
[ qr'^\.(Z|gz|bz2|rpm|cpio|tar|zip|rar|arc|arj|zoo)$' => 0],
# blocks MS executable file(1) types, unless allowed above:
qr'^\.(exe-ms)$',
),
],
};
When I'm testing that, Postfix maillog shows me:
Aug 20 12:29:57 mail postfix/smtpd[398]: A9CB6D50036:
client=unknown[192.168.1.17], sasl_method=PLAI
N, [EMAIL PROTECTED]
Aug 20 12:29:57 mail postfix/cleanup[404]: A9CB6D50036:
message-id=<[EMAIL PROTECTED]>
Aug 20 12:29:59 mail postfix/qmgr[27447]: A9CB6D50036:
from=<[EMAIL PROTECTED]>, size=1401577
, nrcpt=1 (queue active)
Aug 20 12:29:59 mail postfix/smtpd[398]: disconnect from
unknown[192.168.1.17]
Aug 20 12:29:59 mail amavis[301]: (00301-02) ESMTP::10026
/var/amavis/tmp/amavis-20070820T122015-003
01: <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]> SIZE=1401577
Received: from mail.opengea.
org ([127.0.0.1]) by localhost (tartarus.opengea.org [127.0.0.1])
(amavisd-new, port 10026) with ESM
TP for <[EMAIL PROTECTED]>; Mon, 20 Aug 2007 12:29:59 +0200 (CEST)
Aug 20 12:29:59 mail amavis[301]: (00301-02) Checking: hSDAJwrwiKYX
SASLBYPASS [192.168.1.17] <jordi
[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>
Aug 20 12:30:06 mail postfix/smtpd[437]: connect from tartarus[127.0.0.1]
Aug 20 12:30:06 mail postfix/smtpd[437]: ECDE4D50054:
client=tartarus[127.0.0.1]
Aug 20 12:30:06 mail postfix/cleanup[404]: ECDE4D50054:
message-id=<[EMAIL PROTECTED]>
Aug 20 12:30:07 mail postfix/qmgr[27447]: ECDE4D50054:
from=<[EMAIL PROTECTED]>, size=1402036
, nrcpt=1 (queue active)
Aug 20 12:30:07 mail postfix/smtpd[437]: disconnect from tartarus[127.0.0.1]
Aug 20 12:30:07 mail amavis[301]: (00301-02) FWD via SMTP:
<[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]
ntergrid.cat>,BODY=7BIT 250 2.6.0 Ok, id=00301-02, from
MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued
as ECDE4D50054
Aug 20 12:30:07 mail amavis[301]: (00301-02) Passed CLEAN, SASLBYPASS
[192.168.1.17] [192.168.1.17]
<[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, Message-ID:
<[EMAIL PROTECTED]>,
mail_id: hSDAJwrwiKYX, Hits: -, size: 1401577, queued_as: ECDE4D50054,
7925 ms
Aug 20 12:30:07 mail postfix/smtp[406]: A9CB6D50036:
to=<[EMAIL PROTECTED]>, relay=127.0.0.1[12
7.0.0.1]:10026, delay=9.4, delays=1.5/0.01/0/7.9, dsn=2.0.0, status=sent
(250 2.0.0 Ok: queued as EC
DE4D50054)
Aug 20 12:30:07 mail postfix/qmgr[27447]: A9CB6D50036: removed
¿Why the .exe file I've send is not denegate?
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
