detect and block ACE archive
Marcin Rożek
marcin.rozek at wum.edu.pl
Fri Apr 20 13:58:27 CEST 2018
> First you need to add the following line to $map_full_type_to_short_type_re in /usr/sbin/amavisd-new:
> $map_full_type_to_short_type_re = [
> …
> [qr/^ACE archive\b/i => 'ace-unwanted'], <=== add this line
> …
> ];
>
> This line maps the output of the file utility (…result line from file(1): p002: ACE archive data version 20…) to "ace-unwanted".
>
> Then you add "ace-unwanted" to $banned_filename_re in your config:
>
> $banned_filename_re = new_RE(
> …
> qr'^\.(ace-unwanted)$'i, <=== add this line
> …
>);
Thank you Christian - that worked!
Is it possible to add map_full_type_to_short_type_re to /etc/amavisd/amavisd.conf as any update of package is going to wipe ACE detection from /usr/sbin/amavisd ?
Is there any chance to add a possibility to unpack ACE archives to amavisd? I hope that banning them completely is only temporary solution 😊
--
Best regards,
Marcin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4024 bytes
Desc: not available
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20180420/bd5caefe/attachment.bin>
More information about the amavis-users
mailing list