AW: [Mimedefang] I know, it's a Bad Idea(tm)

[Martin Bene]

> An exec where I work wants to be able to recieve mail with 
> any extension no matter what. Right now I have mimedefang 
> globally drop with warning a grand list of extensions 
> (35 in all), and I want to figure out how  to allow any
> extension to him, but still block it for the masses.  I have 
> tried inserting the following:
> 
> sub filter_begin {
> 	foreach $recip (@Recipients) {
> 		if ($recip eq 'ttt at aaa.com') {
> 			action_accept();
> 			last;
> 		}
> 	}
> }


a few comments on this: 

*) you'd need to use return action_accept() so filter processing stops.

*) won't ALL recipients of a message now get unfiltered attachments as soon as your exec is ONE of the recipients of the message? 

I think you'd have to put code into filter_begin that
 - checks if your exec is a recipient
 - number of recipients.
If exec found and number recipients > 1, the message must be resent for each recipient and the original (multi-recipient) message must be dropped. have a look at stream_by_domain () in mimedefang.pl for hints on how to do this.

*) just the fact that the guy asks to receice all extensions, no matter what, is a clear indication that he most definitely shouldn't get them. A knowledgeable user might have asked for some specific types to be enabled (exe/com files might make sense). I can't think of a setting where reception of .vbs, .shs etc. would actually be needed and anything BUT an unnecessary security risc. 

>From the way you describe the situation I'd bet the the answer to "Why do you need attachments delevered regardless of extension/mimetype" would be "Because I'm the EXEC!" :-(

Bye, Martin
********************************************************
Martin Bene,                 CTO
icomedias GmbH,              A-8020 Graz, Nikolaiplatz 4
t +43 (316) 721671-14,       f +43 (316) 721671-26
e martin.bene at icomedias.com, i http://www.icomedias.com
********************************************************