[exim] Strange problem with mime_acl_check.

Top Page
Delete this message
Reply to this message
Author: pencho kuncho
Date:  
To: Exim Users
Subject: [exim] Strange problem with mime_acl_check.
Hi,

I have a very strange situation with one our client. He tried to send mail to us with attachment (about 2mb, which is zipped folder with 20-30 files inside) but it's has been rejected with message:

user@???>: host mail.example.com[1.2.3.4] said: 451
Temporary local problem - please try later (in reply to end of DATA command)
Log message is:
2016-01-14 23:54:22 1aJppa-0000iB-39 H=(mail.host.com) [8.1.4.2] F=<user@???> temporarily rejected during MIME ACL checks: failed to expand ACL string "${if match{${run{/usr/bin/unzip -l $mime_decoded_filename}}}{\N(?i)\n.+\.(zip|exe|com|vbs|bat|pif|scr|hta|htm|html|js|cmd|chm|cpl|jsp|reg|vbe|lnk|uri|dll|sys|btm|dat|msi|prf|inf|vb|7z|gz|rar|jar|ace|url|cab)\n\N}}": command timed out


So, my config is:
0.    message_size_limit = 30M
1.    acl_smtp_mime = acl_check_mime
2.   acl_check_mime:

3.  deny message = server is busy
4.        condition = ${if def:sender_host_address}
5.       !authenticated = *
6.        !senders =  user@??? : user2@??? : user3@???
7.  log_message = forbidden attachment: filename=$mime_filename, \
8.                 content-type=$mime_content_type, recipients=$recipients
9.        condition = ${if or{\
10.                        {match{$mime_content_type}{(?i)executable}}\
11.                       {match{$mime_filename}{\N(?i)\.(exe|com|vbs|bat|pif\
12.                        |scr|hta|htm|html|js|cmd|chm|cpl|jsp|reg|vbe|lnk|uri\
13.                        |dll|sys|btm|dat|msi|prf|inf|vb|7z|gz|rar|jar\
14.                        |ace|zip|url|cab)\N}}}}

15.  deny message = server is busy
16.       condition = ${if match{$mime_filename}{\N(?i)\.zip$\N}}
17.       condition = ${if def:sender_host_address}
18.        !authenticated = *
19.        decode = default
20.        log_message = forbidden binary in attachment: filename=$mime_filename, \                recipients=$recipients
21.        condition = ${if match{${run{/usr/bin/unzip -l \
22.                        $mime_decoded_filename}}}\
23.                        {\N(?i)\n.+\.(zip|exe|com|vbs|bat|pif|scr|hta|htm|html\
24.                        |js|cmd|chm|cpl|jsp|reg|vbe|lnk|uri|dll|sys|btm|dat|msi\
25.                        |prf|inf|vb|7z|gz|rar|jar|ace|url|cab)\n\N}}

26.  accept
Any idea?