Good morning,
I'm having some trouble setting my EXIM to filter attachments correctly. I would like to extract all attachments and then make sure they do not contain any binaries. If they do, EXIM should reject the message. I found a configuration to do this on the Internet but it's not working. I'm having trouble figuring out why. I would usually use the exim -bh command to troubleshoot issues like this but I'm not sure how to send attachments that way.
The configuration I am using is:
acl_check_data:
...
...
  deny message = Attachment has unsupported file format inside zip file
       demime = zip
       condition = ${run{/bin/sh -c '/usr/local/sbin/check_archive.sh $message_exim_id'}{1}{0}}

# check_archive.sh
cd "/var/spool/exim4/scan/${1}"
for i in $( ls | egrep -i '[.]zip' )
do
  if [ $( unzip -l "${i}" | \
          egrep -i '[.](bat|btm|cmd|com|cpl|dat|dll|exe|lnk|msi|pif|prf|reg|scr|vb|vbs)$' | \
          wc -l ) -gt 0 ]
  then
    exit 1
  fi
done
exit 0
Attached zip files are getting through as they should. They are also getting through if they contain exe's or any other extension on the list above. I tried to run exim as follows:
exim -bd -d-all+receive > new_log 2>&1
The new_log did not contain any helpful information. Any ideas on how I can figure out what is going on? Would it be a good idea to use "exim -bh" and figure out how to add the headers and base64 encoded attachment?
Thanks for the help.
Ray
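
An added example, not part of the original post: Python that builds a constructed test message with a base64-encoded zip attachment, renders it as the SMTP commands an "exim -bh" session reads, and applies the post's extension list to the zip's member names so the expected verdict is known beforehand. The addresses, file names and function names are assumptions made for the example.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extension list copied from the post's check_archive.sh.
BLOCKED = re.compile(
    r"[.](bat|btm|cmd|com|cpl|dat|dll|exe|lnk|msi|pif|prf|reg|scr|vb|vbs)$",
    re.IGNORECASE)

def make_zip(member_names):
    """Return zip bytes holding harmless placeholder text under each name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in member_names:
            zf.writestr(name, "placeholder, not a real binary\n")
    return buf.getvalue()

# Constructed addresses; replace with ones your ACLs accept.
def build_test_message(member_names, sender="sender@example.test",
                       rcpt="rcpt@example.test"):
    """Build a MIME message with one base64-encoded zip attachment."""
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, rcpt
    msg["Subject"] = "zip attachment filter test"
    msg.set_content("Constructed test message.")
    msg.add_attachment(make_zip(member_names), maintype="application",
                       subtype="zip", filename="test.zip")
    return msg.as_bytes(policy=policy.SMTP)

def blocked_members(raw_message):
    """Names inside attached zips that match the blocked-extension list."""
    hits = []
    parsed = message_from_bytes(raw_message, policy=policy.default)
    for part in parsed.iter_attachments():
        if (part.get_filename() or "").lower().endswith(".zip"):
            with zipfile.ZipFile(io.BytesIO(part.get_content())) as zf:
                hits += [n for n in zf.namelist() if BLOCKED.search(n)]
    return hits

def smtp_session(raw_message, sender="sender@example.test",
                 rcpt="rcpt@example.test"):
    """SMTP commands plus dot-stuffed DATA, as text for a test session."""
    body = raw_message.decode("ascii").replace("\r\n.", "\r\n..")
    if not body.endswith("\r\n"):
        body += "\r\n"
    return (f"HELO client.example.test\r\nMAIL FROM:<{sender}>\r\n"
            f"RCPT TO:<{rcpt}>\r\nDATA\r\n{body}.\r\nQUIT\r\n")

if __name__ == "__main__":
    print(smtp_session(build_test_message(["readme.txt", "setup.EXE"])), end="")
```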