Thanks Mike and Jeremy. The problem has been resolved by putting all the
attachment names in one line. I think the continuation line was playing havoc
as Mike suspected. For the time being, it is rightly Warning for the pdf
attachments.
Regards
Sujit
From: Mike Brudenell [
mailto:mike.brudenell@york.ac.uk]
Sent: 07 April 2017 09:19
To: exim-users@???
Subject: Re: [exim] Problem with Mime attachment checking
Hi,
I'm pretty sure it's unrelated to you not getting the warning message, but
there's an error in your match pattern: you have two consecutive vertical bars
between the dll and pdf extensions (albeit with a line continuation
inbetween).
In passing, as all the file type patterns begin with "." you could factor that
out to before the list of alternatives:
condition = ${if match {${lc:$mime_filename}} \
{\N\.(exe|scr|bat|com|lnk|pif|reg|vbs|vb|vbe|dll|pdf|chm)$\N}}
To see what's in the $mime_filename variable and work out what's going on it
might be an idea to:
1. Create a test message that exhibits the problem when you send it;
2. Run up an Exim listener on a test host with debug options turned on;
3. Send your test message to the test system;
4. Look through the debugging output of Exim: this contains a wealth of
information such as what values are being substituted into string expansions,
tests, etc and lets you see exactly what is being tested where and the
results.
It can help if you have a second window open to view your configuration file
as you read through the debugging output, following the logic through.
The easiest way is to run Exim with verbose mode and all debugging enabled:
this gives you everything, is very verbose, but can help you trace through
your configuration file. Alternatively be more selective what options you turn
on.
exim -v -d+all -bd
All: Is there also a possible problem with the space character before the "\"
continuation character after the dll file type? When I've written LDAP
expressions before I remember having to be very careful not to put spaces
before the continuation character in some places because they didn't get
stripped by Exim's usual leading/trailing whitespace stripper: they were
considered important and part of the pattern.
Cheers,
Mike B-)
On 6 April 2017 at 17:25, Sujit Acharyya-choudhury <s.choudhury@???>
wrote:
I am having problem with Mime attachment checking with Exim 4.80 on Solaris.
The following code is in place and I am not getting the Warning message:
in the main settings:
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
acl_check_mime:
# pdf is just for test
warn
condition = ${if match{${lc:$mime_filename}} \
{\N(\.exe|\.scr|\.bat|\.com|\.lnk|\.pif|\.reg|\.vbs|\.vb|\.vbe|\.dll| \
|\.pdf|\.chm)$\N} \
{1}{0}}
message = WARNING: Bad MIME attachment filename ($mime_filename)
log_message = WARNING: Bad MIME attachment filename ($mime_filename)
accept
# ACL that is used after the DATA command
acl_check_data:
deny malware = *
message = This message contains a virus ($malware_name).
However, If I move the checking in the acl_check_data, then it gives the
warning message. Any idea?
Thanks in advance
Sujit Choudhury | IT Services
Birkbeck, University of London
--
## List details at
https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
--
Systems Administrator & Change Manager
IT Services, University of York, Heslington, York YO10 5DD, UK
Tel: +44-(0)1904-323811
Web: www.york.ac.uk/it-services
Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm
