[prev in list] [next in list] [prev in thread] [next in thread]
List: james-user
Subject: Chances to AttachmentFileName matcher
From: Vincenzo Gianferrari Pini <vincenzo.gianferraripini () praxis ! it>
Date: 2004-07-16 13:10:29
Message-ID: 40F7D3C5.8020001 () praxis ! it
[Download RAW message or body]
I made some changes to the AttachmentFileName matcher and committed it to cvs.
The changes are described in JIRA JAMES-303, 305 and 306.
The first one is the ability to look inside (without recursion) zip files, looking \
for filename matches, plus the ability to ask for some debug info.
The syntax in config.xml is:
"... match="AttachmentFileNameIs=-z -d ..."
where "-z" asks for the zip analysis, and "-d" asks for some debug info (if matching \
is successfull + any exception).
The second fixes a bug in the matcher that was preventing it to find matches if there \
were multiparts embedded in other multiparts. This could occur if the message \
containing attachments were also S/MIME signed. Now it does a recursive analysis \
inside multiparts.
The third one gets rid of a possibly harmless but confusing situation: some \
exceptions corresponding to "unsupported" (but irrelevant as not related to \
attachments) encodings were sometimes thrown. The previous behaviour was to have them \
flow up in the calling chain, and the common config.xml (and IMO correct) setting is \
to catch them eventually with an "onMatchException" clause, so it was normally \
ignored, but not by everybody. Now such exceptions will be ignored regardless of the \
"onMatchException" setting, and will never be reported. Any other exception that may \
be thrown should be considered either as a runtime problem or a malformed message, so \
it is logged to the mailet.log if the "-d" parameter is set as shown above, then is \
thrown up. But if there is any possibly matching attachment, it matches even in a \
malformed message. If not, it would be a new bug and in this case we should know it \
to fix.
In case anybody is using this matcher to block "dangerous" (possibly infected by very \
new viruses) files, I suggest to put it *after* any antivirus scan and to code the \
entry like in the following:
...
<!-- Check attachment extensions for possible viruses -->
<mailet match="AttachmentFileNameIs=-d -z *.exe *.com *.bat *.cmd *.pif \
*.scr *.vbs *.avi *.mp3 *.mpeg *.shs" class="Bounce" onMatchException="noMatch">
<sender>bounce-admin@xxx.yy</sender>
<inline>heads</inline>
<attachment>none</attachment>
<passThrough>false</passThrough>
<prefix>[REJECTED]</prefix>
<notice>
...............
</notice>
</mailet>
...
Obviously there may be variations. BTW, is there any suggestion for other extensions?
I put the new version of the matcher in production in my company, and it seems to \
work fine.
Vincenzo
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic