?
Solved

Amavis-new is blocking Office 2007 file formats.

Posted on 2009-07-13
3
Medium Priority
?
2,884 Views
Last Modified: 2013-12-09
We have a dedicated SPAM filter running Linux Debian (Etch) implementing Postfix/Amavis/SA/Clamd. Amavis-new is blocking new MS Office 2007 with messages similar to the following:

X-Amavis-Alert: BANNED, message contains part: multipart/mixed | application/octet-stream,.zip

My company has asked me to allow docx / xlsx / pptx fomats as attachments. How should I do this without opening a huge security hole?
0
Comment
Question by:icsbudapest
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 4

Accepted Solution

by:
OliverRahner earned 2000 total points
ID: 24838659
Find the line starting with "$banned_filename_re" inside your amavisd config file(s).

Add the following directly under this line:

  [ qr'(\.xlsx|\.docx|\.pptx)$' => 0 ], # allow MS Office 2007 plain files

This should be rather safe, as Office 2007 only allows macros to be placed inside files with an extension which ends in 'm' (.xlsm, .docm etc).
0
 

Author Comment

by:icsbudapest
ID: 24838712
Ah, for some reason I missed that about the macro format. Thanks for the quick tip. I will send some test messages and see if it is working.

0
 

Author Comment

by:icsbudapest
ID: 24838786
All seems to be working. attachments are going through without a problem. Thanks again.
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question