Undesired ban of text mail
Benny Pedersen
me at junc.eu
Sat Dec 11 17:53:14 CET 2021
On 2021-12-11 12:08, Nikolaos Milas wrote:
> I find banned plain text mail as follows (- I replaced real usernames
> with user1-3):
>
> p.path BANNED:1 user3 at noa.gr: "P=p001,L=1,M=text/plain,T=exe",
> matching_key="(?^:^\\.(exe|lha|cab|dll|gz|tgz|lzh)$)"
it contains both text and a modos exe file
would it be better to use amavisd-milter, and change the banned to
reject ?
you wont miss the exe file
in case you like to debug it more
ripmime -i banned-quarntine-file -d /tmp
if it gz compressed quarantine do gzip -d first
if ls /tmp shows a exe file, you got it
upload this exe file to virustotal.com and see if its safe to use
anyway, but dont do it, never use exe file delivered in email, never
ever
> Thanks in advance,
security first
More information about the amavis-users
mailing list