1 Topic by stefanr

  • stefanr
  • Member
  • Offline
  • Registered: 2015-12-01
  • Posts: 6

Topic: Block Emails with Subject Rechnung/invoice with include a doc/zip

==== Required information ====
- iRedMail version (check /etc/iredmail-release):  0.90
- Linux/BSD distribution name and version:  Ubunut
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  Mysql
- Web server (Apache or Nginx): -
- Manage mail accounts with iRedAdmin-Pro? to mutch
- Related log if you're reporting an issue:
====

good morning, we are using the ired pro Version and i want kick emails with s with Subject Rechnung/invoice with include a doc/zip Attachment direct, is this posible and how?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,805

Re: Block Emails with Subject Rechnung/invoice with include a doc/zip

I'm afraid that you need a content filter (like Amavisd, SpamAssassin).

Postfix offers header_checks, body_checks, but they cannot get mail headers (subject) and mail body at the same time, so you need a content filter so that it gets full email (headers + body).

3 Reply by neozimpi@gmail.com

  • neozimpi@gmail.com
  • Member
  • Offline
  • From: Berlin, Germany
  • Registered: 2015-03-04
  • Posts: 99

Re: Block Emails with Subject Rechnung/invoice with include a doc/zip

I have the smae issue.

amavis and spamassassin are installed but it seems they are doing nothing.
Every spam mail check i do is delivered not even marked as spam.
I checked with the tool from this site:
http://www.emailsecuritycheck.net/index.html

I fetch my mails using getmail4 from my online server and deliver them via iredmail local. We wanted to block specific file extensions as well for all domains and users:
asd, bat, chm, cmd, com, dll, exe, hlp, hta, js, jse, lnk, mov, ocx, pif, reg, rm, scr, shb, shm, shs, vbe, vbs, vbx, vxd, wav, wmf, wsf, wsh

how can i achieve this?

Getmail4 gives the mails direclty to dovecot. So i am not sure
if dovecot or getmail should get a filter. Maybe iam completly wrong.
I tried so many things and dont want to break the system.

Spam should be tagged as ::: SPAM :::

I hope to find a solution.
Without any spamfilter its realy dangerous. At least with the attachment stuff
locky etc...

thx in advance

4 Reply by neozimpi@gmail.com

  • neozimpi@gmail.com
  • Member
  • Offline
  • From: Berlin, Germany
  • Registered: 2015-03-04
  • Posts: 99

Re: Block Emails with Subject Rechnung/invoice with include a doc/zip

I will try this solution:
spamassassin in getmail file

[filter-spamassassin]
type = Filter_external
path = /usr/bin/spamc
arguments = ("--max-size=100000", )

but hope you might have another idea.

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,805

Re: Block Emails with Subject Rechnung/invoice with include a doc/zip

neozimpi@gmail.com wrote:

I fetch my mails using getmail4 from my online server and deliver them via iredmail local. We wanted to block specific file extensions as well for all domains and users:
asd, bat, chm, cmd, com, dll, exe, hlp, hta, js, jse, lnk, mov, ocx, pif, reg, rm, scr, shb, shm, shs, vbe, vbs, vbx, vxd, wav, wmf, wsf, wsh
how can i achieve this?

You can define a list of extensions you want to block in Amavisd, "$banned_filename_re =", or "$banned_namepath_re =".

6 Reply by neozimpi@gmail.com (edited by neozimpi@gmail.com 2016-02-24 00:39:44)

  • neozimpi@gmail.com
  • Member
  • Offline
  • From: Berlin, Germany
  • Registered: 2015-03-04
  • Posts: 99

Re: Block Emails with Subject Rechnung/invoice with include a doc/zip

thx its working on my testmachine now i need to replicate this to the real one.

On the live machine are some problems. as following:
i hope but it seems that i need to use the filter in getmail as well. i added the line switched to another user (cannot run under root) and now i get the error:

Configuration error: refuse to invoke external commands as root by default

Delivery error (command deliver 7631 error (127, exec of command deliver failed (change UID/GID to 2000/2000 failed ([Errno 1] Operation not permitted))))
  msg 54/54 (9444 bytes) from <securitycheck@emailsecuritycheck.net>, delivery error (command deliver 7631 error (127, exec of command deliver failed (change UID/GID to 2000/2000 failed ([Errno 1] Operation not permitted))))

I dont know that to switch  i seems user id is not proberly configured but iam stuck at this point.

7 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,805

Re: Block Emails with Subject Rechnung/invoice with include a doc/zip

I'm afraid that It's better to check getmail documents or ask for support in its mailing list.

8 Reply by stefanr (edited by stefanr 2016-02-24 18:40:56)

  • stefanr
  • Member
  • Offline
  • Registered: 2015-12-01
  • Posts: 6

Re: Block Emails with Subject Rechnung/invoice with include a doc/zip

ZhangHuangbin wrote:

Amavisd

where do i find this file on a ubuntu/mysql install to block custom filenames?

9 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,805

Re: Block Emails with Subject Rechnung/invoice with include a doc/zip

On Debian/Ubuntu, it's /etc/amavis/conf.d/20-*