Mailing List Archive

Block attachment extension
Heloo
how to block attachment with zip rar etc. extension in Exim 4.91 ?
this entry in the configuration has stopped working

deny condition = ${if match{$mime_boundary}{\N( |\t)$\N}}
message = MIME boundary delimiter ends with whitespace
deny condition = ${if >{${strlen:$mime_boundary}}{70}}
message = Too long MIME boundary delimiter
deny condition = ${if match{${lc:$mime_filename}}{\N(\.com|\.vbs|\.bat|\.pif|\.scr|\.exe|\.js|\.mpeg|\.wmv|\.wav|\.wmp|\.asf|\.zip|\.rar|\.mpg|\.bmp)$\N}}


regards
Slawek
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Block attachment extension [ In reply to ]
On 08/23/2018 12:13 PM, S?awomir Dworaczek via Exim-users wrote:
> this entry in the configuration has stopped working

What have you changed since it did work?
--
Jeremy


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Block attachment extension [ In reply to ]
heloo
it stopped working from changing the exim version to 4.91

Regards

----- Original Message -----
From: "Jeremy Harris via Exim-users" <exim-users@exim.org>
To: <exim-users@exim.org>
Sent: Thursday, August 23, 2018 2:16 PM
Subject: Re: [exim] Block attachment extension


> On 08/23/2018 12:13 PM, S?awomir Dworaczek via Exim-users wrote:
>> this entry in the configuration has stopped working
>
> What have you changed since it did work?
> --
> Jeremy
>
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Block attachment extension [ In reply to ]
S?awomir Dworaczek via Exim-users <exim-users@exim.org> (Do 23 Aug 2018 13:13:45 CEST):
> Heloo
> how to block attachment with zip rar etc. extension in Exim 4.91 ?
> this entry in the configuration has stopped working
>
> deny condition = ${if match{$mime_boundary}{\N( |\t)$\N}}
> message = MIME boundary delimiter ends with whitespace
> deny condition = ${if >{${strlen:$mime_boundary}}{70}}
> message = Too long MIME boundary delimiter
> deny condition = ${if match{${lc:$mime_filename}}{\N(\.com|\.vbs|\.bat|\.pif|\.scr|\.exe|\.js|\.mpeg|\.wmv|\.wav|\.wmp|\.asf|\.zip|\.rar|\.mpg|\.bmp)$\N}}

Part of which ACL is it? What is the relevant log message?
$mime_boundary part of the MIME ACL, but I'm not sure if it already
already existed with the old demime options (I've forgotten how it worked).

Can you past the MIME and the DATA ACLs?

Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
Re: Block attachment extension [ In reply to ]
this is the whole acl rule

acl_check_mime:
accept hosts = :
# --- accept messages for abuse / postmaster
accept condition = $acl_m_pm
deny decode = default
condition = ${if >{$mime_anomaly_level}{1}}
message = This message contains a MIME error ($mime_anomaly_text)
# --- Check MIME boundary delimiter according RFC2046
deny condition = ${if match{$mime_boundary}{\N( |\t)$\N}}
message = MIME boundary delimiter ends with whitespace
deny condition = ${if >{${strlen:$mime_boundary}}{70}}
message = Too long MIME boundary delimiter
deny condition = ${if match{${lc:$mime_filename}}{\N(\.com|\.vbs|\.bat|\.pif|\.scr|\.exe|\.js|\.mpeg|\.wmv|\.wav|\.wmp|\.asf|\.zip|\.rar|\.mpg|\.bmp)$\N}}
message = Nie obslugujemy tych zalacznikow
accept authenticated = *
warn !hosts = +relay_from_hosts
condition = ${if >{$mime_anomaly_level}{0}}
set acl_c0 = ${eval:$acl_c0+20}
set acl_c1 = DEMIME(20) found MIME error ($mime_anomaly_text); $acl_c1
accept
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Block attachment extension [ In reply to ]
S?awomir Dworaczek via Exim-users <exim-users@exim.org> (Do 23 Aug 2018 15:47:04 CEST):
> this is the whole acl rule
>
> acl_check_mime:
> accept hosts = :
> # --- accept messages for abuse / postmaster
> accept condition = $acl_m_pm


And the log told you what?

--
Heiko
Re: Block attachment extension [ In reply to ]
> From: S?awomir Dworaczek

> how to block attachment with zip rar etc. extension in Exim 4.91 ?
> this entry in the configuration has stopped working

> deny condition = ${if match{${lc:$mime_filename}}{\N(\.com|\.vbs|\.bat|\.pif|\.scr|\.exe|\.js|\.mpeg|\.wmv|\.wav|\.wmp|\.asf|\.zip|\.rar|\.mpg|\.bmp)$\N}}

If at the beginning of Exim config you haven't the line

check_rfc2047_length = false

then the reason is long filenames, not Exim version. Add this line.


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/