Block .html only in .zip
marius.gologan at gmail.com
Fri Jul 24 23:06:27 CEST 2015
One more thing:
The presumed HTML file might be “ASCII text, with CRLF line terminators” and might be detected as “asc”, instead of html?.
In this case, T can be T=(asc|html?)
file –i resume.htm
In some cases last command might return application/octet-stream mime-type. Not sure, but if is a maware, some code is embedded in this case.
You can create new T(ypes) in $map_full_type_to_short_type_re - very useful to block xls and doc with malware.
Thank you for helping me earlier, today.
From: Marius Gologan [mailto:marius.gologan at gmail.com]
Sent: Friday, July 24, 2015 11:56 PM
To: 'Konstantin'; amavis-users at amavis.org
Subject: RE: Block .html only in .zip
I didn’t test this rule. I just made it up:
$banned_namepath_re = new_RE(
[ qr'(?# BLOCK HTML as application/x-zip-compressed)
^ (.*\t)? M=application/x-zip-compressed
\t(.*\t)* N=[^\t\n]* \. zip
(\t.*)? $'xmi => 'DISCARD'],
Run this command below and see what’s the Mime-Type of that file an replace the value in M=. Can be different than application/x-zip-compressed.
file –i resume.zip
When you run your test, place this in your amavis and restart it. Will give you many combined values matched against $banned_namepath_re.
@debug_sender_maps = ( ["test-sender\@$mydomain"] );
From: amavis-users [mailto:amavis-users-bounces+marius.gologan=gmail.com at amavis.org] On Behalf Of Konstantin
Sent: Friday, July 24, 2015 7:05 PM
To: amavis-users at amavis.org
Subject: Block .html only in .zip
Is it possible to set up banned_rules to block .html,.htm if they are only inside attached .zip file?
I can not block .html,.htm files because some users want to receive them.
unzip -l Downloads/resume.zip
Length Date Time Name
--------- ---------- ----- ----
654 2015-07-22 19:38 2101_resume.htm
This message was delivered using 100% recycled electrons.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the amavis-users