Hallo Leute!
Ist zwar eine amavisd-Frage, aber vielleicht kann mir hier geholfen werden.
Mein Problem: .exe Dateien in .rar Archiven werden nicht blockiert (nur in .zip Dateien). Wie kann ich amavisd so konfigurieren, dass .exe Dateien auch in .rar Archiven geblockt und in Quarantäne geschoben werden.
Hier noch ein Auszug meiner amavisd.conf $banned_filename_re = new_RE(
### BLOCKED ANYWHERE # qr'^UNDECIPHERABLE$', # is or contains any undecipherable components qr'^.(exe-ms|dll)$', # banned file(1) types, rudimentary # qr'^.(exe|lha|cab|dll)$', # banned file(1) types
### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES: # [ qr'^.(gz|bz2)$' => 0 ], # allow any in gzip or bzip2 [ qr'^.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
qr'..(pif|scr)$'i, # banned extensions - rudimentary # qr'^.zip$', # block zip type
### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES: # [ qr'^.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within these archives
qr'^application/x-msdownload$'i, # block these MIME types qr'^application/x-msdos-program$'i, qr'^application/hta$'i,
# qr'^message/partial$'i, # rfc2046 MIME type # qr'^message/external-body$'i, # rfc2046 MIME type
# qr'^(application/x-msmetafile|image/x-wmf)$'i, # Windows Metafile MIME type # qr'^.wmf$', # Windows Metafile file(1) type
# block certain double extensions in filenames qr'^(?!cid:).*.[^./]*[A-Za-z][^./]*.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i,
# qr'{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}}?'i, # Class ID CLSID, strict # qr'{[0-9a-z]{4,}(-[0-9a-z]{4,}){0,7}}?'i, # Class ID extension CLSID, loose
qr'..(exe|vbs|pif|scr|cpl)$'i, # banned extension - basic # qr'..(exe|vbs|pif|scr|cpl|bat|cmd|com)$'i, # banned extension - basic+cmd # qr'..(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta| # inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst| # ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs| # wmf|wsc|wsf|wsh)$'ix, # banned ext - long # qr'..(ani|cur|ico)$'i, # banned cursors and icons filename # qr'^.ani$', # banned animated cursor file(1) type
# qr'..(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab. );