anebi, > we have installed maia (maia mail guard) with amavisd 2.2.1. > We have this situation. > > We have a user in our system called for example: [email protected], > that tries to send mail to [email protected]. > > It send message with a zip file attached that contain an .exe file. > > Now our amavisd blocks this message "Blocked BANNED". This happen > because this zip file contain .exe and we ban file with this extension. > > What i want to do is to stop checking for banned files for user > [email protected]. > > I tried with this addiotin setting in amavisd.conf > > @bypass_banned_checks_maps = ( ['[email protected]'], ); > @banned_files_lovers_maps = ( ['[email protected]'], ); > > But amavis still ban the messages with this attachement that > contain .exe files.
Yes, the @*_maps lists of lookup tables tahe a recipient address as a search key, not sender (with few rare exceptions). Bypassing site policy checks like virus and banning should not be done based on unverifiable sender address, so this is not possible purposely. (unlike spam checks, as spam rarely imposes a security threat, it's just a nuisance, therefore whitelisting mechanism exists) > I put these rules before: $banned_filename_re = new_RE(... > Is this the right way to bypass banned checking for this my user? > Where in amavisd.conf i need to put these rules actually? > Please help me to get this working. The only reliable way of bypassing checks like ban and virus is to base them on some verifiable authenticity of a sender. For this you either need policy banks (enabled by an IP address of a sending host, or based on a valid DKIM signature). This is available in more recent versions of amavisd-new (2.6.*), and not yet in 2.2.1. A possible solution which does not depend on policy banks is to have two instances of amavisd, and two paths through MTA, one for mail coming from trusted users (based on their IP address or SASL authentication), and the other for all the rest. This way you can have two sets of banning rules, one for each set of users (exactly like with policy banks). Mark ------------------------------------------------------------------------------ Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
