Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

block W32.Beagle.J@mm with mailscanner

Discussion in 'cPanel Developers' started by smarcellini, Mar 9, 2004.

  1. smarcellini

    smarcellini Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    156
    I've tried editting etc/MailScanner/filename.rules.conf and adding:

    deny message.zip$

    But when I test this, it still allows the "message.zip" file to pass through.

    I notice below that it is set to:

    allow \.zip$

    so I changed this to:

    # allow \.zip$

    but it still isnt blocking the attachment.

    I did restart the MailScanner service too.

    I would like to block all the (name).zip files that are infected with this virus and any help would be appreciated.
     
    #1 smarcellini, Mar 9, 2004
    Last edited: Mar 9, 2004
  2. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Egypt
    Change the allow to deny

    example:
    deny \.zip$ - -

    For a specific zip file:

    deny hello\.zip$
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 mmkassem, Mar 9, 2004
    Last edited: Mar 9, 2004
  3. smarcellini

    smarcellini Well-Known Member

    Joined:
    Mar 27, 2003
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    156
    thanks after playing with it, that did the trick. Here is a sample of what I have to help others.

    # These are known to be mostly harmless.
    allow \.jpg$ - -
    allow \.gif$ - -
    # .url is arguably dangerous, but I can't just ban it...
    allow \.url$ - -
    allow \.vcf$ - -
    allow \.txt$ - -
    deny Message\.zip$ - -
    deny Attach\.zip$ - -
    deny Information\.zip$ - -
    deny Readme\.zip$ - -
    deny Document\.zip$ - -
    deny Info\.zip$ - -
    deny TextDocument\.zip$ - -
    deny TextFile\.zip$ - -
    deny MoreInfo\.zip$ - -
    allow \.t?gz$ - -

    NOTE*: The attachment name is case sensitive so make sure they are capitalized.
     
    #3 smarcellini, Mar 10, 2004
(You must log in or sign up to post here.)
Loading...
Similar Threads - block Beagle J@mm
  1. Shood

    Prevent users from sending emails that gets server IP blocked?

    Shood, Sep 14, 2018 at 5:50 PM, in forum: E-mail Discussion
    Replies:
    4
    Views:
    88
    Shood
    Sep 19, 2018 at 5:43 PM
  2. joaosavioli

    Blocked distributed ftpd attack emails and LFD going down

    joaosavioli, Sep 10, 2018, in forum: Security
    Replies:
    2
    Views:
    71
    cPanelLauren
    Sep 12, 2018
  3. PumpinIron

    SOLVED Block incoming email with multiple recipients (CCs)?

    PumpinIron, Sep 9, 2018, in forum: E-mail Discussion
    Replies:
    3
    Views:
    67
    cPanelLauren
    Sep 10, 2018
  4. Hays Sleiman

    SOLVED CSF Blocking Google DNS + dig Command

    Hays Sleiman, Sep 5, 2018, in forum: Bind/DNS/Nameserver
    Replies:
    7
    Views:
    100
    cPanelLauren
    Sep 7, 2018
  5. Marani

    Have I been Blocked?

    Marani, Aug 26, 2018, in forum: General Discussion
    Replies:
    3
    Views:
    128
    cPanelLauren
    Aug 27, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice