Dear Gary, You wrote me the following:
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Gary V > Sent: woensdag 19 juli 2006 16:53 > To: amavis-user@lists.sourceforge.net > Subject: Re: [AMaViS-user] Do not Ban encrypted leaf > members,but do ban encrypted .ZIP > > H. wrote: [ snip ] > > I have got this section: > > > -----8<----- > > > # # within certain archives allow leaf members at any depth > if crypted > > [ qr'(?# ALLOW ENCRYPTED ) > > ^ (.*\t)? T=(zip|rar|arj) (.*\n)+ (.*\t)? A=C > (\t.*)? \z'xmi => 0 > > ], > > > But it does not work. > > > Encrypted .ZIP is passed with ***UNCHECKED*** in the Subject: field. > > (Should be blocked) > > Encrypted .ZIP in a nonencrypted .ZIP is passed with > ***UNCHECKED*** in > > the Subject: field. (This is a correct action.) > > > Did I misunderstood the comments or do I have another error? > > I could be wrong, but it appears to me this rule allows encrypted > zip|rar|arj files or will also allow the file to pass if > there is a file inside a zip|rar|arj that cannot be deciphered > (is encrypted). So to me your result would be expected. > I'm not sure how you would accomplish your goal. Mark may have an > idea, but won't be back for a week or so. I was already afraid for misunderstanding the comment... What I want is: to block encrypted .ZIP, but to pass encrypted .ZIP in an archive like .ZIP with an ***UNCHECKED*** mark in the subject. The reason is, I want to block malware send by contaminated zombies. Such as e-mail with encrypted .ZIP and the password in text or .GIF-image. But I also want to give my users a tool to be able to send/receive encrypted .ZIP files with confidential information without help of the ICT-department. I'll wait for Mark to comment on this. > > Another problem is that 'kill -HUP' of the amavisd master > > dies silently instead of doing a reload. No errors in the log, > > not even in debug mode... I have (re)checked the ownership of > > the amavisd files, but did not find an error. Have you got an > > idea where to look? > > >From RELEASE_NOTES: > > - sending signal HUP in order to restart amavisd no longer > works (previously > it only worked in non-chrooted environment and relied on > guessing amavisd > absolute path); please use 'amavisd reload', or 'amavisd > stop' and restart; Oh sh*t. I missed the Release notes... My Linux guru and a big help, got the amavisd RPM and installed it for me. So, I haven't seen it. B.t.w. in /etc/init.d there is the startup procedure amavisd. Normally, with a reload, you should execute 'service amavisd reload'. Guess what the command is to reload amavisd? Indeed 'killproc $prog -HUP'... > If the HUP method is really still needed, please replace the line > commandline => [], # disable > by: > commandline => ['/usr/local/sbin/amavisd','-c',$config_file], > in file amavisd, adjusting the path if necessary. Thank you very much for this hint. I'll check it out. Cheers, Harrie ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/