Re: [exim] Lack of demime support in latest verstion + more.

Góra strony
Delete this message
Reply to this message
Autor: Phil Pennock
Data:  
Dla: kamil kapturkiewicz
CC: exim-users
Temat: Re: [exim] Lack of demime support in latest verstion + more.
On 2017-02-06 at 17:01 +0100, kamil kapturkiewicz wrote:
> acl_check_data:
>
> ##  deny  message       = $found_extension files are not accepted here  
> ##        demime                = com:exe:vbs:bat:pif:reg:scr

>
> ##  deny  message       = Serious MIME defect detected ($demime_reason).
> ##      demime          = *
> ##      condition       = ${if >{$demime_errorlevel}{2}{1}{0}}

>
> deny  message         = This message contains a virus ($malware_name) and is rejected.
>         log_message     = rejected VIRUS ($malware_name) from $sender_address to $recipients (ClamAV)
>         set acl_m0      = clamd:/tmp/clamd.socket
>         condition       = ${if < {$message_size}{VIRUS_FILESIZE_LIMIT}}
> ##     demime          = *
>         malware         = *

>
> How can I bring back this functionality?


For ClamAV, my recollection is that it unpacks email itself, so all
you've done is had it scan the contents twice, both unexpanded and
expanded. My recollection could be off.

For the extensions, something like this (untested):

# main section:
acl_smtp_mime = acl_check_mime
#...
begin acl
acl_check_mime:
  deny   message = ${extract{-1}{.}{$mime_filename}} files are not accepted here
       condition = ${if inlisti{${extract{-1}{.}{$mime_filename}}}{com:exe:vbs:bat:pif:reg:scr}}
  accept


Without a filename, $mime_filename will be empty, the extract result
will be empty and so won't match unless the list of extensions includes
the empty list element.

(Skipping rest of questions already answered)

-Phil