[Mimedefang] Whitelist_to problem

Paul Murphy pmurphy at ionixpharma.com
Wed Jun 23 09:38:29 EDT 2004 

Phil,

> I might be(read probably am) getting this completely wrong but I have a
> number of email addresses set up in sa-mimedefang.cf, the idea being
> that all mails to these addresses allow mime attachemtns through. 
> Unfortunately it doesn't work - the attachments are still 
> stripped out.

The whitelist_from entries in sa_mimedefang.cf only apply to spam scoring, as
this file is only used by SpamAssassin.  Senders matching a whitelist entry get
something like -50 added to their score.

Instead, you need to customise mimedefang-filter to use its own whitelist of
senders for whom attachment checking will be skipped - if the attachments are
being blocked by the bad_filename check, then around that check you would put an
if statement which only allows the check if the sender is not found in your
whitelist.

To do this, use something like this - (careful with the curly brackets!)

A.  At the top of mimedefang-filter, before the first function:

# List of Addresses to allow regardless of content
$IncomingWhitelist{'my_correspondent at company.com'} = 1;
$IncomingWhitelist{'a.n.other at secret.net'} = 1;

B. In filter, filter_multipart, etc: (wherever you use filter_bad_filename to
check the attachments)

  my @senderparts = split(/@/, $sender);
  my $dom = $senderparts[1];
  $dom =~ s/[<>]//g;

  if ( (filter_bad_filename($entity)) && 
	(! exists $IncomingWhitelist{lc($sender)} 
		&& ! exists $IncomingWhitelist{lc($dom)})
		 ) {
        ...actions for bad filenames
     }

Alternatively, enable the sender checks and then in filter_sender do a similar
check and if the white list entry exists, return ACCEPT_AND_NO_MORE_FILTERING -
this is then done at a very early stage and saves all of the SPAM
classification, attachment checks, etc, but also bypasses your virus scan...

In general, I save all of the checks for the main filter, then do them in
descending importance order, and introduce whitelists or bypasses as I go along:

1.  Virus scan - high security risk
2.  Whitelist to allow all file types
3.  File type check - moderate security risk
4.  Whitelist to allow SPAM to drop box
5.  Spam check - low security risk, but irritating
 etc.

Best Wishes,

Paul.
__________________________________________________
Paul Murphy
Head of Informatics
Ionix Pharmaceuticals Ltd
418 Science Park, Cambridge, CB4 0PA

Tel. 01223 433741
Fax. 01223 433788



_______________________________________________________________________
DISCLAIMER:
This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to which they
are addressed.  If you have received this email in error please contact
the sender or the Ionix IT Helpdesk on +44 (0) 1223 433741
_______________________________________________________________________

More information about the MIMEDefang mailing list