Hi Eric,
Since only some of the domain want to reject email with zip attachment, so I
keep the default setting in the last line.
xxx.com:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif:.zip:.rar
:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif
The first line stated with "xxx.com:clam=yes,spam=yes..................." is
the domain which don't want to receive email with zip and rar attachment.
The last line started with ":clam=yes,spam=yes......................." is
the default setting for the rest of the domains.
Is there anything wrong in my simcontrol file?
Thanks,
Alex
-----Original Message-----
From: Eric [mailto:[email protected]]
Sent: Thursday, October 6, 2016 10:18 PM
To: [email protected]
Subject: Re: [qmailtoaster] Reject email with zip attachment
Hi Teruo,
A) Here's my tcp.smtp file:
1) Entry for localhost relay:
127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys
/%/private",RBLSMTPD="",NOP0FCHECK="1"
2) Entry for all others:
:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG
RCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/simscan",DKSIGN="/var/qmail/contro
l/domainkeys/%/private",NOP0FCHECK="1"
B) It looks like in your simcontrol file that default processing (line
beginning with ':') allows .zip files through.
Change
:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif
to
:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif:.zip
Eric
On 10/5/2016 7:55 PM, Kan Teruo wrote:
Hi Eric,
Thanks for your reply.
Please refer to below:
/var/qmail/control/simcontrol
==============================================
xxx.com:clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif:.zip
:.rar :clam=yes,spam=yes,spam_hits=12,attach=.mp3:.src:.bat:.pif
/etc/tcprules.d/tcp.smtp
==============================================
:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER
_WRONG
RCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQU
EUE="/
var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail
/contr
ol/domainkeys/%/private"
By the way, you said you setup mail coming from 127.0.0.1 not to use
simscan.
May I know how to do it?
Thanks for your time and help.
Teruo
-----Original Message-----
From: Eric [mailto:[email protected]]
Sent: Wednesday, October 5, 2016 10:18 PM
To: [email protected]
Subject: Re: [qmailtoaster] Reject email with zip attachment
Hi Teruo,
1) Can you dump the /var/qmail/control/simcontrol file for us send it
to the list and /etc/tcprules.d/tcp.smtp ?
2) In simcontrol the ':' should only be between (a separator for) file
types.
So if you wanted to stop .zip attachments only it would be like this
attach=.zip
not
attach=:.zip
for multiple file types
attach=.typ1:.typ2:.typ3:.typ4
etc...
3) Check /etc/tcprules.d/tcp.smtp
In this file it is determined when simscan
(QMAILQUE="/var/qmail/bin/simscan") is used. On my setups mail coming
from
127.0.0.1 (localhost) simscan is not used so zip attachments would be
allowed through.
Eric
On 10/5/2016 4:18 AM, Kan Teruo wrote:
Hi All,
I had added attach=:.zip in the simcontrol and run the command
"qmailctl cdb".
It seem work fine to reject all email with zip attachment. (at least
I tested by using different email accounts like gmail and yahoo)
But I found that sometime still have spam mail with zip attachment
delivered into users' mailbox.
I tried to check the log but couldn't find any idea why the spam mail
with zip attachment can be delivered to users' mailbox.
Thanks!
Teruo
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
