The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

antivirus.exim

Discussion in 'General Discussion' started by nzservers, Sep 7, 2004.

  1. nzservers

    nzservers Well-Known Member

    Joined:
    Oct 27, 2002
    Messages:
    81
    Likes Received:
    0
    Trophy Points:
    6
    Can someone tell me how to auto discard or blackhole emails that contain virus's for which the senders domain is invalid?
    At present they pile up on the mail queue.
    I have searched everywhere I can think of to find the filter to blackhole all incoming virus but the antivirus.exim file seems to only allow the fail filter.
    I only want the invalid senders virus mail blackholed but blackholing all virus will do :D
     
  2. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Checking for invalid senders is an option in WHM > Exim Configuration Editor.
     
  4. nzservers

    nzservers Well-Known Member

    Joined:
    Oct 27, 2002
    Messages:
    81
    Likes Received:
    0
    Trophy Points:
    6
    that option is enabled and working on all mails except those containing virus from invalid senders :confused:
     
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    That's a pretty silly configuration by cPanel then ;)
     
  6. nzservers

    nzservers Well-Known Member

    Joined:
    Oct 27, 2002
    Messages:
    81
    Likes Received:
    0
    Trophy Points:
    6
    well, lets hope cpanel has the answer ;)

    .
     
  7. LP-Trel

    LP-Trel Well-Known Member

    Joined:
    Oct 13, 2003
    Messages:
    184
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Nirvana
    This is possible and I configure my customers' servers like this.

    Look into Exim transports and you'll find what you need. :cool:
     
  8. SubZero

    SubZero Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    100
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Balmumcu, Istanbul, TR
    What is the current status of this topic? :)

    I have set my antivirus.exim to novirus.exim and touched that file (it is now blank). I have added this to the 3rd box from top:
    Code:
    #!!# ACL that is used after the DATA command
    check_message:
      require verify = header_sender
      deny    message = This message contains malformed MIME ($demime_reason)
              demime = *
              condition = ${if >{$demime_errorlevel}{2}{1}{0}}
      deny    message = This message contains harmful content ($malware_name)
              demime  = *
              malware = *
      deny    message = Message contains a $found_extension attachment which we do not accept
              demime = bat:com:pif:prf:scr:vbs
      warn    message = X-Antivirus: Clam AntiVirus Scanner 0.86.1
      accept
    And I modify the demime line to include MORE extensions. This really helps because it just rejects those bastards at the SMTP level. :P
     
    #8 SubZero, Jul 11, 2005
    Last edited: Jul 11, 2005
Loading...

Share This Page