Banned Content Bypass for Clients not fully working here.

Steve steeeeeveee at gmx.net
Sat Jan 14 13:38:58 CET 2012 

-------- Original-Nachricht --------
> Datum: Wed, 11 Jan 2012 15:41:29 +0100
> Von: Marko Weber <weber at zackbummfertig.de>
> An: Amavis Users <amavis-users at amavis.org>
> Betreff: Banned Content Bypass for Clients not fully working here.

> Hello List,
> 
Hello Marko,


> i try to bypass the banned content check for selected clients.
> but something dont work. banned content still gets blocked from the 
> test client.
> 
> in postfix main.cf i did:
> 
> smtpd_client_restrictions =
>          ......
>          ......
>          ......
>          check_client_access     hash:/etc/postfix/amavis_bypass
> 
> 
> contents of /etc/postfix/amavis_bypass:
> 
> 85.15x.xxx.51 FILTER smtp-amavis:[127.0.0.1]:10029
> 85.15x.xxx.83 FILTER smtp-amavis:[127.0.0.1]:10029
> 85.15x.xxx.35 FILTER smtp-amavis:[127.0.0.1]:10029
> 85.15x.xxx.99 FILTER smtp-amavis:[127.0.0.1]:10029
> 
> 
> in amavis.conf i set:
> 
> $inet_socket_port = [10024, 9998, 10029]
> 
> $interface_policy{'9998'} = 'AM.PDP-INET';
> $interface_policy{'10029'} = 'BYPASS';
> 
> $policy_bank{'BYPASS'} = {
> 
>     bypass_spam_checks_maps   => [1],  # don't spam-check this mail
> 
>     bypass_banned_checks_maps => [1],  # don't banned-check this mail
> 
>     bypass_header_checks_maps => [1],  # don't header-check this mail
> 
> };
> 
> 
> But when the Client sends a mail with an .exe i get blocked message 
> mails
> 
> No viruses were found.
> 
> Banned name: .exe,wc.exe
> Content type: Banned
> Internal reference code for the message is 14724-01/rB7oXdUVrj-0
> 
> First upstream SMTP client IP address: [85.15x.xxx.51] 
> mail174.xxxxxxx.com
> According to a 'Received:' trace, the message apparently originated at:
>    [xxx.26.252.207], hub-xx.stxx-xxxxx.de HELO
>    hub-xx.hamxx.xxxx.de 193.26.252.207
> 
> 
> Is anything wrong in my setup?
> 
probably. I think you process twice the mails from the clients you are trying to avoid the banned content checks.

Allow me to ask how you use/filter mails for all the OTHER senders? Do you have something like this in your master.cf:

smtpd     pass  -       -       n       -       -       smtpd
   -o content_filter=lmtp-amavis:[127.0.0.1]:10024

or

smtp      inet  n       -       n       -       -       smtpd
   -o content_filter=lmtp-amavis:[127.0.0.1]:10024



If yes then I think you are processing the message once using the content_filter instruction and once using the FILTER instruction. Using the FILTER command should IMHO work properly since you have excluded with a policy bank the banning of certain content. But the content_filter will does not know anything about that.



> I am using amavisd-new-2.6.4 (20090625) on gentoo linux
> 
The version is in this case not important.


> Marko
> 
Steve 

-- 
NEU: FreePhone - 0ct/min Handyspartarif mit Geld-zurück-Garantie!		
Jetzt informieren: http://www.gmx.net/de/go/freephone

More information about the amavis-users mailing list