[exim] Strange problem with mime_acl_check.

Fri, 15 Jan 2016 01:21:37 -0800 

Hi, 

I have a very strange situation with one our client. He tried to send mail to 
us with attachment (about 2mb, which is zipped folder with 20-30 files inside) 
but it's has been rejected with message: 

[email protected]>: host mail.example.com[1.2.3.4] said: 451
Temporary local problem - please try later (in reply to end of DATA command)
Log message is:
2016-01-14 23:54:22 1aJppa-0000iB-39 H=(mail.host.com) [8.1.4.2] 
F=<[email protected]> temporarily rejected during MIME ACL checks: failed to 
expand ACL string "${if match{${run{/usr/bin/unzip -l 
$mime_decoded_filename}}}{\N(?i)\n.+\.(zip|exe|com|vbs|bat|pif|scr|hta|htm|html|js|cmd|chm|cpl|jsp|reg|vbe|lnk|uri|dll|sys|btm|dat|msi|prf|inf|vb|7z|gz|rar|jar|ace|url|cab)\n\N}}":
 command timed out


So, my config is:
0.    message_size_limit = 30M 
1.    acl_smtp_mime = acl_check_mime
2.   acl_check_mime:

3.  deny message = server is busy
4.        condition = ${if def:sender_host_address}
5.       !authenticated = *
6.        !senders =  [email protected] : [email protected] : [email protected] 
7.  log_message = forbidden attachment: filename=$mime_filename, \
8.                 content-type=$mime_content_type, recipients=$recipients
9.        condition = ${if or{\
10.                        {match{$mime_content_type}{(?i)executable}}\
11.                       {match{$mime_filename}{\N(?i)\.(exe|com|vbs|bat|pif\
12.                        |scr|hta|htm|html|js|cmd|chm|cpl|jsp|reg|vbe|lnk|uri\
13.                        |dll|sys|btm|dat|msi|prf|inf|vb|7z|gz|rar|jar\
14.                        |ace|zip|url|cab)\N}}}}

15.  deny message = server is busy
16.       condition = ${if match{$mime_filename}{\N(?i)\.zip$\N}}
17.       condition = ${if def:sender_host_address}
18.        !authenticated = *
19.        decode = default
20.        log_message = forbidden binary in attachment: 
filename=$mime_filename, \                recipients=$recipients
21.        condition = ${if match{${run{/usr/bin/unzip -l \
22.                        $mime_decoded_filename}}}\
23.                        
{\N(?i)\n.+\.(zip|exe|com|vbs|bat|pif|scr|hta|htm|html\
24.                        
|js|cmd|chm|cpl|jsp|reg|vbe|lnk|uri|dll|sys|btm|dat|msi\
25.                        |prf|inf|vb|7z|gz|rar|jar|ace|url|cab)\n\N}}

26.  accept
Any idea?




-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to