>Can one template be defined using another template ???????
No. ---- ..... to use them in any entry at any place (except other
extension regular expression templates) .....
>OR could I skip the ~BasicBlocks template here because the generic block
above (* => block => ~BasicBlocks) is already applied, so something like:
No inherit for user definitions - the longest match is used.
>I know some of my questions relate for functionality that hasn't changed
in recent releases, but I've never used wildcard address matching in
UserAttach, so I don't know practically what happens.
- no inhertit !!!
(1) *@domain.com=>....
(2) u...@domain.com=>....
(3) user*@domain.com=>....
if u...@domain.com is seen in a mail - (2) is the exact match and is used
- (1 + 3) is NOT used
if us...@domain.com is seen in a mail - (3) is the longest match and is
used - (1) is NOT used - 2 does not match
if au...@domain.com is seen in a mail - (1) is the longest match and is
used - (2 + 3) have no match
>zip:encryptedzipsendero...@domain.com => good-out => .*|crypt\-zip
this will work
zip:encryptedzipsendero...@domain.com => good-out =>crypt\-zip
this would not work
This is a very special case. good-out =>crypt\-zip will remove the crypt
zip blocking, but will leave /\.crypt\-zip$/ as a regular expression in
the 'good' check. This will never match, which causes the attachment to be
blocked.
The first one (your example) is doing the same but leaves
/\.(.*|crypt\-zip)$/ in the 'good' regex, which will match every time,
because of the '.*'.
I think 'crypt\-zip' should be removed from the final regular expression
in all cases - I'll check this in ASSP_AFC code.
Thomas
Von: K Post <nntp.p...@gmail.com>
An: ASSP development mailing list <assp-test@lists.sourceforge.net>
Datum: 05.09.2017 19:42
Betreff: [Assp-test] Questions on new UserAttach functionality,
strategy in lieu of using Level defined Attachment Blocking
You've said that the Level definitions for attachment blocking because of
1000's of v1 installations and lots of old v2 installations. These old
software users don't know what they're missing!!!!
I'm wondering, if I wanted to ignore level definitions in my installation,
I could leave them blank and the use rules in UserAttach right? I'm
thinking of doing something like:
[[ NOTE TO READERS, I'm using this rough example as a question for Thomas,
the below is not a proposed solution for anyone to blindly follow ]
# basic blocks - what was previously my Level1
~BasicBlocks =>
bin|exe\-bin|url|ade|adp|asx|bas|bat|dot|dotx|xlt|xlts|chm|cmd|com|cpl|crt|dbx|dll|exe|hlp|hta|htb|inf|ifs|isp|js|jse|lnk|mda|mdb|mde|mdz|mht|msc|msi|msp|mst|nch|pcd|pif|prf|ps1|reg|scf|scr|sct|shb|shs|vb|vbe|vbs|vba|wms|wsc|wsh|rar|dotm|docm|xlsm|pptm
# file types that are used to inspect zip files
# look in zips for these bad files too bin type removed to allow
formatted excel with printer settings through
~ZipBlocks =>
exe\-bin|url|ade|adp|asx|bas|bat|dot|dotx|xlt|xlts|chm|cmd|com|cpl|crt|dbx|dll|exe|hlp|hta|htb|inf|ifs|isp|js|jse|lnk|mda|mdb|mde|mdz|mht|msc|msi|msp|mst|nch|pcd|pif|prf|ps1|reg|scf|scr|sct|shb|shs|vb|vbe|vbs|vba|wms|wsc|wsh|rar|dotm|docm|xlsm|pptm
OR instead could I do this, using the ~BasicBlocks template to define the
ZipBlocks template and remove bin with the -- switch. Can one template be
defined using another template ???????
~ZipBlocks => ~BasicBlocks|--bin
# Generic Block
# applies to everyone unless a more specific match is found right??
Or would this get added to other matches which could be a problem and
makes this line a terrible idea (since I could remove a type for a
specific internal recipient, but the external sender would still match
this rule)
* => block => ~BasicBlocks
# inspect zip files for everyone
zip:* => block => ~ZipBlocks
# let this one user send any zip file regardless of what's in it. Can
also be an encrypted ZIP which AFC ordinarily blocks automatically
zip:encryptedzipsendero...@domain.com => good-out => .*|crypt\-zip
The above line ignores the zip:* => block => ~ZipBlocks rule for
encryptedzipsendero...@damain.com right?
# let this one user get or send dot files, using -- exception
dotfileso...@domain.com => block => ~BasicBlocks|--dot
OR could I skip the ~BasicBlocks template here because the generic block
above (* => block => ~BasicBlocks) is already applied, so something like:
dotfileso...@domain.com => block => --dot ????
# let this one user get office macro files from anyone - even though this
is an exception, I'm not using
# the -- syntax since :MSOM is a special kind of exception removing this
special type from the generic exe-bin
officemacroo...@domain.com => block => ~BasicBlocks|:MSOM
# rules are combined, so noex...@seconddomain.com would be able to get all
attachments except for doc or xlst, but o...@seconddomain.com couldn't get
doc but could Excel, and noex...@thirddomain.com coudln't get excel, but
could get doc right???? If they are combined, wouldn't the generic rule
from above (* => block => ~BasicBlocks) also be applied? If they're not
combined, which rule below would be enforced for noex...@seconddomain.com
(batches both lines).
*@SecondDomain.com => block => doc
NoExcel@* => block => xls
I know some of my questions relate for functionality that hasn't changed
in recent releases, but I've never used wildcard address matching in
UserAttach, so I don't know practically what happens.
Thanks
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
