[exim] Trouble filtering attachments

Author: Raymond Jette
Date:  
To: exim-users@exim.org
Subject: [exim] Trouble filtering attachments
Good morning,

I'm having some trouble setting my EXIM to filter attachments correctly. I would like to extract all attachments and then make sure they do not contain any binaries. If they do, EXIM should reject the message. I found a configuration to do this on the Internet but it's not working. I'm having trouble figuring out why. I would usually use the exim -bh command to troubleshoot issues like this but I'm not sure how to send attachments that way.

The configuration I am using is:


acl_check_data:
  ...
  ...
  deny  message = Attachment has unsupported file format inside zip file
        demime = zip
        condition = ${run{/bin/sh -c '/usr/local/sbin/check_archive.sh $message_exim_id'}{1}{0}



# check_archive.sh

cd "/var/spool/exim4/scan/${1}"
for I in $( ls | egrep -I '[.]zip' )
do
if [ $( unqip -l "{$i}" | \
        egrep -I '[.](bat|btm|cmd|com|cpl|dat|dll|exe|lnk|msi|pif|prf|reg|scr|vb|vbs)$' | \
        wc -l ) -gt 0 ]
then
        exit 1
fi
done
exit 0



Attached zip files are getting through as they should. They are also getting through if they contain exe's or any other extension on the list above. I tried to run exim as follows:
Exim -bd -d-all+receive > new_log 2>&1

The new_log did not contain any helpful information. Any ideas on how I can figure out what is going on? Would it be a good idea to use "exim -bh" and figure out how to add the headers and base64 encoded attachment?

Thanks for the help.

Ray
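
An added example (not part of the original post, and not Exim's own code): a version of the archive check that quotes every path, matches extensions case-insensitively with grep -i (GNU grep's -I only skips binary input), and reports an unreadable archive separately. The function names and the exit code 2 are assumptions of this example; the scan path and extension list are taken from the post.

```shell
#!/bin/sh
# Added example: check zip attachments in an Exim scan directory.
# Extension list copied from the post.
BLOCKED='bat|btm|cmd|com|cpl|dat|dll|exe|lnk|msi|pif|prf|reg|scr|vb|vbs'

# has_blocked_name: reads archive member names, one per line, on stdin.
# Returns 0 if any name ends in a blocked extension (any letter case).
has_blocked_name() {
    grep -Eiq "[.](${BLOCKED})\$"
}

# check_scan_dir DIR
#   returns 0: no zip in DIR lists a blocked name
#   returns 1: at least one zip lists a blocked name
#   returns 2: a zip could not be listed (corrupt, empty, or unzip missing)
check_scan_dir() {
    dir=$1
    [ -d "$dir" ] || return 0
    for f in "$dir"/*; do
        case $f in
            *.[Zz][Ii][Pp]) ;;      # only look at .zip, any letter case
            *) continue ;;
        esac
        [ -f "$f" ] || continue
        # unzip -Z1 prints member names only, one per line.
        names=$(unzip -Z1 "$f" 2>/dev/null) || return 2
        if printf '%s\n' "$names" | has_blocked_name; then
            return 1
        fi
    done
    return 0
}

# When called with a message id, check that message's scan directory
# (path as used in the post).
if [ $# -gt 0 ]; then
    check_scan_dir "/var/spool/exim4/scan/$1"
    exit $?
fi
```

Exim's ${run{...}{string1}{string2}} expands string1 when the command exits 0 and string2 otherwise, so an ACL condition using this script has to map a non-zero exit to the reject case.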