[Mimedefang] Allowing mails from specific users
Hi, One of my local users needs to be able to receive specific emails from one particular user, however, the sender is sending attached files which are zipped .exe files. At the moment, I' having to unquaratine these mails daily, but ideally I would like to set MD so that the extensions check is skipped for this sender. If I put in a filter_sender section, where it matches the sender, that returns a ACCEPT_AND_NO_MORE_FILTERING, will this be executed before the extension check, or will I need to do something different here ? Thanks, Richard -- Richard Whelan Senior Systems Administrator PIPEX Direct: +44 (0) 1865 381568 Mobile: +44 (0) 7786 276020 website: http://www.pipex.net/ This e-mail is subject to: http://www.pipex.net/disclaimer.html ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] Allowing mails from specific users
Yes that would work. Of course any virus/spammer pretending to use that email address would also get through. Nelson Minica ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Allowing mails from specific users
True, but it's an unusual email address, and I have AV checking on a separate system that all mails go through, so that wouldn't be skipped. Yes that would work. Of course any virus/spammer pretending to use that email address would also get through. Nelson Minica Thanks, Richard ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang -- Richard Whelan Senior Systems Administrator PIPEX Direct: +44 (0) 1865 381568 Mobile: +44 (0) 7786 276020 website: http://www.pipex.net/ This e-mail is subject to: http://www.pipex.net/disclaimer.html ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] Allowing mails from specific users
Richard,
I use a Perl hash to hold details of all whitelisted addresses, and check this
before calls to contentious parts of the filter, e.g.:
At the top of the filter (i.e. globally):
# Addresses to allow regardless of origin
$IncomingWhitelist{'[EMAIL PROTECTED]'} = 1;
$IncomingWhitelist{'[EMAIL PROTECTED]'} = 1;
Then in the relevant parts of the filter (in this case :
# skip greylisting for selected users
my @senderparts = split(/@/, $Sender);
my $senderdom = $senderparts[1];
$senderdom =~ s/[]//g;
#md_syslog('debug',Whitelist check - $Sender,$senderdom,$ip);
if (
(exists $IncomingWhitelist{lc($sender)}) ||
(exists $IncomingWhitelist{lc($senderdom)}) ||
( exists $LocalRelayAddrs{$ip}) )
{
md_syslog('info',WhiteList - skip greylisting check,
Sender=$Sender,Dom=$senderdom, Addr=$ip);
return ('CONTINUE', ok);
}
Or:
if ( (!exists $IncomingWhitelist{lc($Sender)})
(filter_bad_filename($entity)) ) {
md_graphdefang_log('bad_filename', $fname, $type);
action_notify_administrator(A file called $fname from $Sender was
removed from an e-mail with subject | $subject | - quarantined.\n\n);
This has the advantage of keeping in virus scanning, SPAM filtering, or whatever
while allowing some addresses to skip some parts.
In addition, my ZIP file handling is fairly involved, as the only way to be sure
that a zip file is safe is to examine the contents in an intelligent manner.
See the attached code from filter() for details.
Best Wishes,
Paul.
__
Paul Murphy
Head of Informatics
Ionix Pharmaceuticals Ltd
418 Science Park, Cambridge, CB4 0PA
Tel. 01223 433741
Fax. 01223 433788
___
DISCLAIMER:
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to which they
are addressed. If you have received this email in error please contact
the sender or the Ionix IT Helpdesk on +44 (0) 1223 433741
___
zip_check.pl
Description: zip_check.pl
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
