asked on
Amavisd File filetering issue
Hi,
I have some issues with the simple task of banning some file types in AmaVis-New and I just cannot figure out why it is not working the way it should. Basically, I want to completly block RAR and ZIP files. However, they still come through even though I did specify them in the "Blocked Everywhere" section. I just cannot figure out why they are still coming in. I think I probably miss something simple, but I searched everywhere, and I just get the simply outline on how to specify it in the config. However, in my case all is specified, but it just does not work. Everything else does work and running AmaVis in debug mode does not show any errors. So I guess I have some issue where I maybe specified the ban wrong. I have posted the excerpt of the config that is dealing with the file banning below. Maybe I am missing something. I really appreciate any comment or assistance on this.
$banned_filename_re = new_RE(
### BLOCKED ANYWHERE
qr'^UNDECIPHERABLE$', # is or contains any undecipherable components
qr'^\.(exe-ms|dll)$', # banned file(1) types, rudimentary
qr'^\.(exe|lha|cab|dll)$',
qr'^\.(zip|rar)$', # banned file(1) types
qr'^\.(docm|arc|jar)$', # banned file(1) types
### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES:
# [ qr'^\.(gz|bz2)$' => 0 ], # allow any in gzip or bzip2
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
qr'.\.(pif|scr)$'i, # banned extensions - rudimentary
qr'^\.zip$', # block zip type
### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES:
# [ qr'^\.(zip|rar|arc|arj|zoo
qr'^application/x-msdownlo
qr'^application/x-msdos-pr
qr'^application/hta$'i,
# qr'^message/partial$'i, # rfc2046 MIME type
# qr'^message/external-body$
# qr'^(application/x-msmetaf
# qr'^\.wmf$', # Windows Metafile file(1) type
# block certain double extensions in filenames
qr'^(?!cid:).*\.[^./]*[A-Z
# qr'\{[0-9a-f]{8}(-[0-9a-f]
# qr'\{[0-9a-z]{4,}(-[0-9a-z
# qr'.\.(exe|vbs|pif|scr|cpl
# qr'.\.(exe|vbs|pif|scr|cpl
qr'.\.(ade|adp|app|bas|bat
inf|ini|ins|isp|js|jse|lib
msp|mst|ocx|ops|pcd|pif|pr
wmf|wsc|wsf|wsh|rar|zip)$'
# qr'.\.(asd|asf|asx|url|vcs
qr'.\.(ani|cur|ico)$'i, # banned cursors and icons filename
# qr'^\.ani$', # banned animated cursor file(1) type
qr'.\.(mim|b64|bhx|hqx|xxe
);
# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
# and http://www.cknow.com/vtutor/vtextensions.htm
I have some issues with the simple task of banning some file types in AmaVis-New and I just cannot figure out why it is not working the way it should. Basically, I want to completly block RAR and ZIP files. However, they still come through even though I did specify them in the "Blocked Everywhere" section. I just cannot figure out why they are still coming in. I think I probably miss something simple, but I searched everywhere, and I just get the simply outline on how to specify it in the config. However, in my case all is specified, but it just does not work. Everything else does work and running AmaVis in debug mode does not show any errors. So I guess I have some issue where I maybe specified the ban wrong. I have posted the excerpt of the config that is dealing with the file banning below. Maybe I am missing something. I really appreciate any comment or assistance on this.
$banned_filename_re = new_RE(
### BLOCKED ANYWHERE
qr'^UNDECIPHERABLE$', # is or contains any undecipherable components
qr'^\.(exe-ms|dll)$', # banned file(1) types, rudimentary
qr'^\.(exe|lha|cab|dll)$',
qr'^\.(zip|rar)$', # banned file(1) types
qr'^\.(docm|arc|jar)$', # banned file(1) types
### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES:
# [ qr'^\.(gz|bz2)$' => 0 ], # allow any in gzip or bzip2
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
qr'.\.(pif|scr)$'i, # banned extensions - rudimentary
qr'^\.zip$', # block zip type
### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES:
# [ qr'^\.(zip|rar|arc|arj|zoo
qr'^application/x-msdownlo
qr'^application/x-msdos-pr
qr'^application/hta$'i,
# qr'^message/partial$'i, # rfc2046 MIME type
# qr'^message/external-body$
# qr'^(application/x-msmetaf
# qr'^\.wmf$', # Windows Metafile file(1) type
# block certain double extensions in filenames
qr'^(?!cid:).*\.[^./]*[A-Z
# qr'\{[0-9a-f]{8}(-[0-9a-f]
# qr'\{[0-9a-z]{4,}(-[0-9a-z
# qr'.\.(exe|vbs|pif|scr|cpl
# qr'.\.(exe|vbs|pif|scr|cpl
qr'.\.(ade|adp|app|bas|bat
inf|ini|ins|isp|js|jse|lib
msp|mst|ocx|ops|pcd|pif|pr
wmf|wsc|wsf|wsh|rar|zip)$'
# qr'.\.(asd|asf|asx|url|vcs
qr'.\.(ani|cur|ico)$'i, # banned cursors and icons filename
# qr'^\.ani$', # banned animated cursor file(1) type
qr'.\.(mim|b64|bhx|hqx|xxe
);
# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
# and http://www.cknow.com/vtutor/vtextensions.htm
AntiSpamEmail ServersLinux
Last Comment
Thomas