On Monday 05 July 2004 05:16, Carlos E. R. wrote:
The Friday 2004-07-02 at 23:16 +0200, Theo v. Werkhoven wrote:
# * leave $banned_filename_re undefined to disable these checks # (giving an empty list to new_RE() will also always return # false)
$banned_filename_re = new_RE( qr'\.[a-zA-Z][a-zA-Z0-9]{0,3}\.(vbs|pif|scr|bat|com|exe|dll)$'i,
However, there is no .zip there, and it seems to be rejecting zip files.
Read the reports more carefully... Note that exe *is* in your banned list.
For example, I see in a report bounced to me: |The message WAS NOT delivered to: |
: | 550 5.7.1 Message content rejected, id=09888-09 - BANNED: .exe
Note the BANNED: .exe part.
|The message has been quarantined as: | /var/spool/amavis/virusmails/virus-20040705-115345-09888-09
I look at the quarantined file, and I see: |X-Amavis-Alert: BANNED FILENAME, message contains part named: .exe
And again, the .exe part...
|Content-Type: application/octet-stream; | name="Bill.zip"
Perhaps the file is actually called Bill.zip.exe, or maybe there are multiple attachments. But amavisd appears to be functioning correctly.
Then, I find it is trying to send back bounces to external addresses,
when it should _never_ do so: |nimrodel:/etc/postfix # mailq |-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient------- |22FE7DF675 5459 Mon Jul 5 11:59:10 MAILER-DAEMON |(Host or domain name not found. Name service error for |name=copamericaperu.com.org type=MX: Host not found, try again) | ipinasco at | copamericaperu.com.org
Looking at the contens of that mail, I find: |From: amavisd-new
|To: <ipinasco at copamericaperu.com.org>
Double-check your amavisd.conf, there's a place in there to configure that behavior.
|BANNED CONTENTS ALERT | |Our content checker found | banned name: .exe |in email presumably from you (<ipinasco at copamericaperu.com.org>), to | the following recipient: |-> cer@localhost.nimrodel.valinor | |Delivery of the email was stopped!
¡I don't want amavis-new to send _any_ report, bounce, reject message or anything to any body whatsoever outside of my machine! I want it to report only to ME.
That's what I do. You just need to configure amavisd.conf properly.
I'm modifying the from addresses amavis uses:
$mailfrom_notify_admin = "amavis_new.virusalert\@$mydomain"; $mailfrom_notify_recip = "amavis_new.virusalert\@$mydomain"; $mailfrom_notify_spamadmin = "amavis_new.spam.police\@$mydomain";
$hdrfrom_notify_sender = '"amavisd-new.postmaster
"';
Look for $warnvirussender and disable it. -- Jarod C. Wilson, RHCE jcw@wilsonet.com