> The basic idea is to allow before you block. Be > mindful of where things are placed. You want to > make sure the stuff you want blocked is before > the stuff you allow. In other words, if you want to > allow exe files, but only if they are zipped, > place all the stuff you want blocked before you > allow anything (but don't include exe type files > in the files you want blocked yet). Then, allow > zipped files. Then, place anything that might > detect a file as an exe, after the point where > zipped files are allowed.
In short, first match wins, top down on the list. A banning lookup is performed for each mail part (leaf) independently. If any is blocked, the whole message is blocked. A query key for each lookup carries all the information about the full path (within a structure of a message and archives) leading to this leaf, e.g. (from your case): multipart/mixed | application/x-zip-compressed, .zip, BitTorrent-6.0.2.zip | .exe, .exe-ms, BitTorrent-6.0.2.exe So the above query is stepping through each rule in the list: 1.) qr'^\.(exe-ms|exe|dll)$', # block 2.) [ qr'^\.(zip|rar)$'=> 0 ], # allow at 1): multipart/mixed ? NO application/x-zip-compressed? NO .zip ? NO BitTorrent-6.0.2.zip ? NO .exe ? YES => block, game over, never reaches rule 2 for this leaf If the order of rules is reversed: 1.) [ qr'^\.(zip|rar)$'=> 0 ], # allow 2.) qr'^\.(exe-ms|exe|dll)$', # block at 1): multipart/mixed ? NO application/x-zip-compressed? NO .zip ? YES => allow, game over, never reaches rule 2 for this leaf Mark ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/