I've added a few file extensions to /usr/mailscanner/etc/filename.rules.conf
deny \.xls$
deny \.zip$
I've forced a rules update, i've stopped and restarted mailscanner, but these files are still allowed to pass.
I've copied rules from lines above and just modified the .xxx extension, but again, can't get this rule to work.
Any ideas please.
rules no longer working
Re: rules no longer working
Are you sure these files are being blocked because of their file name and not because of the file type? What is the message you are seeing in MailControl?
Have you ensured that you used [tab] characters between fields in the filename.rules.conf file and not spaces?
Have you ensured that you used [tab] characters between fields in the filename.rules.conf file and not spaces?
Re: rules no longer working
i've been trying all sorts this morning, and only just found that there may have been a space where there should have been a tab.
considering I copied and modified a rule above, can only make me think that one of the rules above has the error and I copied it.
considering I copied and modified a rule above, can only make me think that one of the rules above has the error and I copied it.
Re: rules no longer working
Is it working now?
Re: rules no longer working
I thought it was but still have a bit of an issue.
I'm denying xls files for the time being due to a virus attack.
But I want to allow xlsx.
However xlsx are being also blocked.
Should the allow xlsx rule be placed maybe before the deny xls one ?
I'm denying xls files for the time being due to a virus attack.
But I want to allow xlsx.
However xlsx are being also blocked.
Should the allow xlsx rule be placed maybe before the deny xls one ?
Re: rules no longer working
What exactly is the MailScanner report for the blocked xslx files and the blocked xls files?
Re: rules no longer working
Infection MailScanner: (file_name.xls)
But if I scan the attachment, the file is actually an xlsx file.
It looks like the deny .xls rule picked up on the file extension containing xls, but my allow xlsx rule didn't
But if I scan the attachment, the file is actually an xlsx file.
It looks like the deny .xls rule picked up on the file extension containing xls, but my allow xlsx rule didn't
Re: rules no longer working
That isn't the complete report. But it sounds like it may be detecting the filetype rather than the filename, so you need to check that and possibly modify the filetype.rules.conf and/or archives.filetype.rules.conf as well. There is a knowledgebase article that should help you identify what is actually happening:
https://support.configserver.com/en/kno ... ailscanner
https://support.configserver.com/en/kno ... ailscanner
Re: rules no longer working
Quite clearly sisn't working as a zip file got through today.
All the while I thought this rule was working and it just be that the virus was detected so clamv blocked them not mailscanner.
How would I go about blocking file types
All the while I thought this rule was working and it just be that the virus was detected so clamv blocked them not mailscanner.
How would I go about blocking file types
Re: rules no longer working
You'd need to find out how the file command on your server classifies the type of file, and add it to the filetype.rules.conf and archives.filetype.rules.conf files in the correct format. Check those files for more information. As far as I know, you would need to run the "file" command against the file you want to block, and put the output from that as the filetype in the second field in for your deny line in filetype.rules.conf and archives.filetype.rules.conf. From our knowledgebase article:
Also note that if it is a filetype check (rather than filename) that has blocked the file, but you don't think that it is correct (for example it has identified a text file as an executable), you need to look into the Linux file command and/or magic file on your server to fix this. This is not actually a MailScanner issue but an issue with the way the Linux file command has interpreted the file.