Sam Varshavchik wrote:
Moshe Gurvich writes:
Hi,
Apparently our mail server running courier 0.44 letting thru emails which should be stopped by maildrop.
The configuration is:
----------------
/etc/courier/courierd:
DEFAULTDELIVERY="| /usr/sbin/amavis | /usr/lib/courier/bin/maildrop"
----------------
/etc/courier/maildroprc:
if ( /\.(pif|exe|scr)/ || !/^From:/ || /name=\"(Info|Attach).zip\"/ )
{
EXITCODE=99
exit
}
----------------
in case maildroprc is ignored when there's $HOME/.mailfilter i have added:
$HOME/.mailfilter:
if (/\.(pif|exe|scr)/)
{
EXITCODE=99
exit
}
----------------
But still test emails with .PIF files are going thru.
Interesting that other rules in maildroprc and .mailfilter are done ok..
I'm not aware of any virus whose headers match any of the above regular expressions.
Reread the "PATTERN OPTIONS" section in the maildropfilter man page, and carefully review your filtering rules, keeping in mind that "header" means everything before the first blank line in the message, and "body" means everything that follows it.
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
