You've said that the Level definitions for attachment blocking because of
1000's of v1 installations and lots of old v2 installations. These old
software users don't know what they're missing!!!!
I'm wondering, if I wanted to ignore level definitions in my installation,
I could l*eave them blank* and the use rules in UserAttach right? I'm
thinking of doing something like:
[[ NOTE TO READERS, I'm using this rough example as a question for Thomas,
the below is not a proposed solution for anyone to blindly follow ]
# basic blocks - what was previously my Level1
~BasicBlocks => bin|exe\-bin|url|ade|adp|asx|bas|bat|dot|dotx|xlt|xlts|chm|
cmd|com|cpl|crt|dbx|dll|exe|hlp|hta|htb|inf|ifs|isp|js|
jse|lnk|mda|mdb|mde|mdz|mht|msc|msi|msp|mst|nch|pcd|pif|
prf|ps1|reg|scf|scr|sct|shb|shs|vb|vbe|vbs|vba|wms|wsc|
wsh|rar|dotm|docm|xlsm|pptm
# file types that are used to inspect zip files
# look in zips for these bad files too bin type removed to allow
formatted excel with printer settings through
~ZipBlocks => exe\-bin|url|ade|adp|asx|bas|bat|dot|dotx|xlt|xlts|chm|cmd|
com|cpl|crt|dbx|dll|exe|hlp|hta|htb|inf|ifs|isp|js|jse|
lnk|mda|mdb|mde|mdz|mht|msc|msi|msp|mst|nch|pcd|pif|prf|
ps1|reg|scf|scr|sct|shb|shs|vb|vbe|vbs|vba|wms|wsc|wsh|
rar|dotm|docm|xlsm|pptm
OR instead could I do this, using the ~BasicBlocks template to define the
ZipBlocks template and remove bin with the -- switch. *Can one template be
defined using another template* ???????
~ZipBlocks => ~BasicBlocks|--bin
# Generic Block
# applies to everyone *unless a more specific match is found* *right?? *
*Or would this get added to other matches which could be a problem and
makes this line a terrible idea (since I could remove a type for a specific
internal recipient, but the external sender would still match this rule)*
* => block => ~BasicBlocks
# inspect zip files for everyone
zip:* => block => ~ZipBlocks
# let this one user send any zip file regardless of what's in it. Can also
be an encrypted ZIP which AFC ordinarily blocks automatically
zip:encryptedzipsendero...@domain.com => good-out => .*|crypt\-zip
The above line ignores the zip:* => block => ~ZipBlocks rule for
encryptedzipsendero...@damain.com right?
# let this one user get or send dot files, using -- exception
dotfileso...@domain.com => block => ~BasicBlocks|--dot
OR could I skip the ~BasicBlocks template here because the generic block
above (* => block => ~BasicBlocks) is already applied, so something like:
dotfileso...@domain.com => block => --dot ????
# let this one user get office macro files from anyone - even though this
is an exception, I'm not using
# the -- syntax since :MSOM is a special kind of exception removing this
special type from the generic exe-bin
officemacroo...@domain.com => block => ~BasicBlocks|:MSOM
# rules are combined, so noex...@seconddomain.com would be able to get all
attachments except for doc or xlst, but o...@seconddomain.com couldn't get
doc but could Excel, and noex...@thirddomain.com coudln't get excel, but
could get doc *right???? If they are combined, wouldn't the generic rule
from above (* => block => ~BasicBlocks) also be applied? If they're not
combined, which rule below would be enforced for noex...@seconddomain.com
(batches both lines).*
*@SecondDomain.com => block => doc
NoExcel@* => block => xls
I know some of my questions relate for functionality that hasn't changed in
recent releases, but I've never used wildcard address matching in
UserAttach, so I don't know practically what happens.
Thanks
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
