Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

block W32.Beagle.J@mm with mailscanner

Discussion in 'cPanel Developers' started by smarcellini, Mar 9, 2004.

  1. smarcellini

    smarcellini Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    156
    I've tried editting etc/MailScanner/filename.rules.conf and adding:

    deny message.zip$

    But when I test this, it still allows the "message.zip" file to pass through.

    I notice below that it is set to:

    allow \.zip$

    so I changed this to:

    # allow \.zip$

    but it still isnt blocking the attachment.

    I did restart the MailScanner service too.

    I would like to block all the (name).zip files that are infected with this virus and any help would be appreciated.
     
    #1 smarcellini, Mar 9, 2004
    Last edited: Mar 9, 2004
  2. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Egypt
    Change the allow to deny

    example:
    deny \.zip$ - -

    For a specific zip file:

    deny hello\.zip$
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 mmkassem, Mar 9, 2004
    Last edited: Mar 9, 2004
  3. smarcellini

    smarcellini Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    156
    thanks after playing with it, that did the trick. Here is a sample of what I have to help others.

    # These are known to be mostly harmless.
    allow \.jpg$ - -
    allow \.gif$ - -
    # .url is arguably dangerous, but I can't just ban it...
    allow \.url$ - -
    allow \.vcf$ - -
    allow \.txt$ - -
    deny Message\.zip$ - -
    deny Attach\.zip$ - -
    deny Information\.zip$ - -
    deny Readme\.zip$ - -
    deny Document\.zip$ - -
    deny Info\.zip$ - -
    deny TextDocument\.zip$ - -
    deny TextFile\.zip$ - -
    deny MoreInfo\.zip$ - -
    allow \.t?gz$ - -

    NOTE*: The attachment name is case sensitive so make sure they are capitalized.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice