Is it possible to quarantine password protected archives or to automatically forward them to a specific emailaddress?
We are try to build a solution in which the user can enter the password of the archive and it will be re-zipped as a non protected archive and resent to the recipient. For this we need to be able to access the zip-file and read the recipients.
Thanks in advance.
Luc
Quaranatine password protected Archives
Re: Quaranatine password protected Archives
/etc/Mailscanner.conf
Allow Password-Protected Archives = no
This will quarantine password protected files
Allow Password-Protected Archives = no
This will quarantine password protected files
Re: Quaranatine password protected Archives
That settings is currently already set to 'no'
My current settings regarding virus/archives:
Code: Select all
Virus Scanning = yes
Virus Scanners = sophos clamd
Virus Scanner Timeout = 300
Deliver Disinfected Files = no
Silent Viruses = HTML-IFrame All-Viruses
Still Deliver Silent Viruses = no
Non-Forging Viruses = Joke/ OF97/ WM97/ W97M/ eicar Zip-Password
Spam-Virus Header = X-%org-name%-MailScanner-EFA-SpamVirus-Report:
Virus Names Which Are Spam = Sane*UNOFFICIAL HTML/* *Phish*
Block Encrypted Messages = no
Block Unencrypted Messages = no
Allow Password-Protected Archives = no
Check Filenames In Password-Protected Archives = yes
Allowed Sophos Error Messages = "Password protected file"
Re: Quaranatine password protected Archives
What are your "Quarantine *" settings in MailScanner.conf?
Re: Quaranatine password protected Archives
Code: Select all
Quarantine Dir = /var/spool/MailScanner/quarantine
Quarantine User = postfix
Quarantine Group = mtagroup
Quarantine Permissions = 0660
Quarantine Infections = no
Quarantine Silent Viruses = no
Quarantine Modified Body = no
Quarantine Whole Message = yes
Quarantine Whole Messages As Queue Files = no
Re: Quaranatine password protected Archives
So, according to what I see, I believe password protected archive files should be automatically quarantined.
Is your system not quarantining password protected archive files?
Is your system not quarantining password protected archive files?
Re: Quaranatine password protected Archives
That's correct. I tried sending myself a message with a password protected zip-file. I know the message ID but even when trying to use the locate command with this ID I'm unable to find the message. I think this is because of the following setting: 'Quarantine Silent Viruses = no'
Re: Quaranatine password protected Archives
Any idea how we can fix this?
We currently have a big problem with companies trying to send us legitimate password protected files but we don't want to remove the rule.
If these messages are quarantined we can work toward a fix for this.
We currently have a big problem with companies trying to send us legitimate password protected files but we don't want to remove the rule.
If these messages are quarantined we can work toward a fix for this.
Re: Quaranatine password protected Archives
try setting "Quarantine Silent Viruses = yes" and "Quarantine Infections = yes", restart mailscanner, and then send yourself a password protected zip file and see what happens.