Page 1 of 1

Email address whitelisted but mailscanner analyze the content

Posted: 10 Nov 2018 07:46
by keysteal
Hi,

I've got a problem with an email. The content was analyzed by Mailscanner even if the email address is whitested.
I have also doubts that this check works well :
deny \s{10,} Filename contains lots of white space
is contained in \etc\Mailscanner\filename.rules.conf

Two days ago has deleted a file attachment (a PDF) written like this:
MailScanner: A long gap in a name is often used to hide part of it (2018-10-31 - 7.pdf)

2 white spaces are considered LONG?

Anyway, I've commented this check at the moment.

my rel is EFA-3.0.2.6

Thanks for help.

Re: Email address whitelisted but mailscanner analyze the content

Posted: 12 Nov 2018 12:47
by henk
Hi keysteal,

did you have a look at: viewtopic.php?t=533 as there are some limitations to black and whitelists : https://docs.mailwatch.org/using/faq.html

And sure this one: viewtopic.php?t=2983
For myself I let bayes do the work an only have very few entries in black and whitelists. Works fine with me.

You can use sa-learn on the specific message and see what happens to answer the question: Why are these rules fired when you whitelist the sender.
A small howto: viewtopic.php?t=3102