The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Allow .eml extension attachment on server

Discussion in 'General Discussion' started by linuxgirl, Aug 20, 2007.

  1. linuxgirl

    linuxgirl Active Member

    Joined:
    Nov 20, 2004
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    6
    Hello,

    We have one of our client using thunderbird email client.He could able to send and receive mails without any problem but when he forward those mails he is getting this error -

    ----------------------------------------------
    A message that you sent could not be delivered to one or more of its
    recipients. This is a permanent error. The following address(es) failed:

    XXXXXXXXXXX@gmail.com
    This message has been rejected because it has
    a potentially executable attachment "FW: Observations.eml"
    This form of attachment has been used by
    recent viruses or other malware.
    If you meant to send this file then please
    package it up as a zip file and resend it.
    ----------------------------------------------------

    We have antivirus.exim filter enabled on server and we can see .eml is filtered by this script only. But now my query is --

    How we can allow this attachment extension for particular domain?
    Is thee any whitelist file? Or how we can allow him to forward mails without getting this error?

    Please update us for the same.


    Thank you.



    Linuxgirl
     
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    I would recommend he set his ciient to NOT send forwarded emails as attachments but rather in the more traditional style of forwarding emails.
     
  3. tweakservers

    tweakservers Well-Known Member

    Joined:
    Mar 30, 2006
    Messages:
    379
    Likes Received:
    0
    Trophy Points:
    16
    the other option you may consider to remove the .eml from the antivirus.exim file but you are on your risk
     
  4. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    I can see why she would want to accept EML files. I see people validly forwarding emails as attachments on a daily basis. Heck, I do it myself very often. I prefer to have 'preserved' emails. Forwarding does not preserve the full content of the original email.

    And to my knowledge, the people that have to worry if you allow EMLs to be sent/received are the clients, not the server owners. The clients should be running antivirus anyway, and often email clients (like Outlook/Express) default now to not allowing attachments to be read / viewed if it deems them potentially malicious.

    So I always remove 'eml' from the antivirus.exim file. Actually, I copy /etc/antivirus.exim to /etc/antivirus.exim.without.eml and then I go into Exim Configuration Editor and change the antivirus script to /etc/antivirus.exim.without.eml. I then edit /etc/antivirus.exim.without.eml to remove any instance of 'eml' (except in the comments).

    Mike
     
  5. linuxgirl

    linuxgirl Active Member

    Joined:
    Nov 20, 2004
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    6
    Hello,

    Thank you all, for providing me the information.
    So mtindor..... you think removing .eml from antivirus.exikm is not harmfull and we can do it?
    right? Does anyone want to comment on this?


    Thank you.




    !Linuxgirl!
     
  6. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    That questoin would be answered differently by just about everyone. It's not harmful to the sysadmin. It _could_ be harmful to the users on your system who don't keep their OS/software up to date and/or don't use antivirus software and/or open every piece of email regardless of how suspect it looks.

    So I can't say that removing EML would not be harmful - It could be. But, I personally don't find it harmful to me or my customers - my customers have often specifically asked me to allow the reception of EML files. It wasn't until I had started using an account of my own on a cpanel machine that I realized it's a real pain in the ass to have EMLs blocked. I forward messages (with and without attachments) on a REGULAR basis, and if EML blocking is in place you can't do that. Knowing what kind of legitimate emails I forward as attachments, I think most people are forwarding legitimate emails as attachments.

    Like I said though, you should keep the original /etc/cpanel_exim_system_filter and just create a new one and use that.

    1. cp /etc/cpanel_exim_system_filter /etc/cpanel_exim_system_filter_without_eml
    2. Edit /etc/cpanel_exim_system_filter_without_eml
    - remove the various eml references - eml|


    3. Log into WHM, go into Exim Configuration Editor:
    System Filter File: /etc/cpanel_exim_system_filter_without_eml
    4 Save

    If you ever need to switch back, just change the System Filter File in Exim Configuration Editor to point back to the original file.

    NOTE: /etc/cpanel_exim_system_filter may occasionally be updated by Cpanel - and if you copy /etc/cpanel_exim_system_filter to /etc/cpanel_exim_system_filter_without_eml and you use /etc/cpanel_exim_system_filter_without_eml instead, then when Cpanel updates /etc/cpanel_exim_system_filter you'll never know about it. So you should check every so often to see if a Cpanel update has uploaded a new /etc/cpanel_exim_system_filter. If it has, then you can repeat this process.

    - Mike
     
Loading...

Share This Page