Darek, > Hi list, so I want to allow exe files if they are inside a compressed zip > or rar archive, and want to ask for verification of my change to > amavisd.conf > > In the regexp definition for "$banned_filename_re", I moved > > [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within these archives > > which by default is 14 lines below the " $banned_filename_re" declaration > to be the first thing in the block, before exe, dll, cab, pif, etc. This > is what it looks like right now: > > $banned_filename_re = new_RE( > > [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within these archives > > ### BLOCKED ANYWHERE > # qr'^UNDECIPHERABLE$', # is or contains any undecipherable components > qr'^\.(exe-ms|dll)$', # banned file(1) types, [...] > I just want to make sure I am not going to have some unforeseen things > happen. On first glance, it's working as expected. A client's Raima > database files are being tagged as exe files and being dropped. I'm fine > with letting through compressed archives, no matter what's inside, really.
Yes, that is alright, if anything within zip, rar, arc, arj or zoo archives is acceptable. Or perhaps give a free pass only to contents of a zip but not for other archives, which could be achieved by prepending a more restrictrive free pass, like: [ qr'^\.zip$'=> 0 ], Mark
