Exceptions to attachment type blocking?
Ralf Hildebrandt
r at sys4.de
Mon Feb 4 16:39:35 CET 2019
We're blocking exe/executables:
$banned_filename_re = new_RE(
### BLOCKED ANYWHERE
qr'^\.(exe-ms|dll|javascript)$', # banned file(1) types, rudimentary
Now recently some Microsoft (*.docx) documents turned up which are
being blocked due to "message contains .exe":
X-Amavis-Alert: BANNED, message contains .exe,.exe-ms,[trash]/0000.dat
Looking at the document and unzipping it I find a subdirectory
"[trash]", containing:
-rw-r--r-- 1 root root 140 Jan 1 1980 0000.dat
-rw-r--r-- 1 root root 331 Jan 1 1980 0001.dat
-rw-r--r-- 1 root root 269 Jan 1 1980 0002.dat
-rw-r--r-- 1 root root 335 Jan 1 1980 0003.dat
0000.dat: DOS executable (block device driver)
0001.dat: DOS executable (block device driver)
0002.dat: DOS executable (block device driver)
0003.dat: DOS executable (block device driver)
So I'm either looking for a way of emptying the "[trash]" resource (or
whatever it's called) OR to make execptions for that particular path
within a ZIP archive in amavisd-new.
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
More information about the amavis-users
mailing list