Hi list, so I want to allow exe files if they are inside a compressed zip or rar archive, and want to ask for verification of my change to amavisd.conf
In the regexp definition for "$banned_filename_re", I moved [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within these archives which by default is 14 lines below the " $banned_filename_re" declaration to be the first thing in the block, before exe, dll, cab, pif, etc. This is what it looks like right now: $banned_filename_re = new_RE( [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within these archives ### BLOCKED ANYWHERE # qr'^UNDECIPHERABLE$', # is or contains any undecipherable components qr'^\.(exe-ms|dll)$', # banned file(1) types, rudimentary # qr'^\.(exe|lha|tnef|cab|dll)$', # banned file(1) types ### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES: # [ qr'^\.(gz|bz2)$' => 0 ], # allow any in gzip or bzip2 [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives qr'.\.(pif|scr)$'i, # banned extensions - rudimentary # qr'^\.zip$', # block zip type ### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES: # [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within these archives I just want to make sure I am not going to have some unforeseen things happen. On first glance, it's working as expected. A client's Raima database files are being tagged as exe files and being dropped. I'm fine with letting through compressed archives, no matter what's inside, really. -- Darek
