The filter "demime" dont run if file is double extension. Example: ".tar.gz".
The file in directory scan aways save to ".com" extension, not witch ".tar.gz",
or ".gz",
and instruction "demime = " dont support double extension.
The single extension (arj, rar, tgz, tar and zip) are ok...
In attachment the script file for scan various compact files... The script scan
for a single extension and is possible to adaptate for a double extension.
Thanks from Brazil, City of Iguassu Falls.
------exim.conf data acl-----
deny log_message = "DENY: Demime - Extension $found_extension with Binary
Attachment found"
message = This message contains an unwanted binary
Attachment\n\
Extension: ${uc:$found_extension}
demime = zip:rar:arj:tar:tgz:gz:bz2
condition = ${run{/usr/bin/exim.checkpkt.sh $message_id
${lc:$found_extension}}{0}{1}}
--------exim.checkpkt.sh--------
#!/bin/sh
##########################################################################
# Feito por Silmar A. Marca marca@??? #
# http://www.grupogsn.com.br/ suporte@??? #
###########################################################################
# * A remocao destas linhas implica na nao observacao da licenca GNU * #
# * Informe ao autor sobre falhas ou incremento de funcoes * #
# * Respeite a propriedade intelectual, http://www.gnu.org/ * #
###########################################################################
# Runtime configuration file for Exim #
###########################################################################
#Definicoes
EXTENS='(ad[ep]|asd|ba[st]|chm|cmd|com|cpl|crt|dll|exe|hlp|hta|in[fs]|isp|jse?|jar|lnk|md[bez]|ms[cipt]|ole|ocx|pcd|pif|reg|sc[rt]|sh[sb]|sys|url|vb[es]?|vxd|ws[cfh]|cab)'
COMPAC='(zip|rar|arj|tgz|tar|gz|bz2)' #Extensoes atualmente reconhecidas
EXTENS='[.]('${EXTENS}'|'${COMPAC}')' #Previne arquivos compactados dentro de
compactados
cd /var/spool/exim/scan/$1
# mkdir /tmp/$1
# cp * /tmp/$1
#Todos arquivos do arquivo compactado
for i in `ls | egrep -i "${COMPAC}$"`; do
#arquivos ZIP
if [ "`echo $i | egrep -i '[.](zip)$'`" != "" ]; then
if [ `zipinfo -1 $i | egrep -i "${EXTENS}$" | wc -l` -gt 0 ]; then
exit 1
fi
fi
#arquivos RAR
if [ "`echo $i | egrep -i '[.](rar)$'`" != "" ]; then
if [ `unrar l $i | gawk '{ print $1 }' | egrep -i "${EXTENS}$" | wc -l` -gt 0
]; then
exit 1
fi
fi
#arquivos ARJ
if [ "`echo $i | egrep -i '[.](arj)$'`" != "" ]; then
if [ `unarj l $i | gawk '{ print $1 }' | egrep -i "${EXTENS}$" | wc -l` -gt 0
]; then
exit 1
fi
fi
#arquivos Tar
if [ "`echo $i | egrep -i '[.](tar)$'`" != "" ]; then
if [ `tar --list -f $i | gawk '{ print $1 }' | egrep -i "${EXTENS}$" | wc -l`
-gt 0 ]; then
exit 1
fi
fi
#arquivos TGZ e Tar.GZ
if [ "`echo $i | egrep -i '[.](tgz|gz)$'`" != "" ]; then
if [ `tar --list -zf $i | gawk '{ print $1 }' | egrep -i "${EXTENS}$" | wc -l`
-gt 0 ]; then
exit 1
fi
fi
#arquivos tar.bz2
if [ "`echo $i | egrep -i '[.](bz2)$'`" != "" ]; then
if [ `tar --list -jf $i | gawk '{ print $1 }' | egrep -i "${EXTENS}$" | wc -l`
-gt 0 ]; then
exit 1
fi
fi
done
exit 0
--------------------------------
Cordialmente, Silmar A. Marca
GrupoGSN - Desenvolvimento, Implantação e Verificação de Servidores
Profissionais baseados em Linux/Novell
http://www.grupogsn.com.br/~marca/
------------------------------------------------------------
Se algo não lhe faz mal (fisico, moral ou psicologicamente),
experimente! O máximo e você perder tempo! E tempo, e
o que você tem a vida toda pra perder.....
Mais vale um instante de prazer que uma eternidade fútil!
------------------------------------------------------------
