Custom SpamAssasin rules for useres - add attachment to whitelist

[DeviC3]

Hello, I have new problem with user email account. I need to whitelist pdf attachements only for one user is it possible in cPanel?
I have read articles and docs how to do it globbaly in WHM or server but I don't want to do this for all users.
Is some regex in area "whitelist_form" will be enough ?

Maybe something like this:

if $header_content-type: matches "(?:file)?name=(\"[^\"]+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|zip|sct|shs|url|vb[se]|ws[fhc])\")"
if $header_content-type: matches "(?:file)?name=(\\\\S+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|zip|scr|sct|shs|url|vb[se]|ws[fhc]))"
if $message_body matches "(?:Content-(?:Type:(?>\\\\s*)[\\\\w-]+/[\\\\w-]+|Disposition:(?>\\\\s*)attachment);(?>\\\\s*)(?:file)?name=|begin(?>\\\\s+)[0-7]{3,4}(?>\\\\s+))(\"[^\"]+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|zip|reg|scr|sct|shs|url|vb[se]|ws[fhc])\")[\\\\s;]"
if $message_body matches "(?:Content-(?:Type:(?>\\\\s*)[\\\\w-]+/[\\\\w-]+|Disposition:(?>\\\\s*)attachment);(?>\\\\s*)(?:file)?name=|begin(?>\\\\s+)[0-7]{3,4}(?>\\\\s+))(\\\\S+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|zip|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc]))[\\\\s;]"

 

[cPRex]

Hey there! I don't have any pre-made way to handle that type of customization. In order to do this you'd likely need to dig in to the Exim filter documentation and create some custom rules.

 

[DeviC3]

Thank You for reply, I will post feedback if I will find something.

 

[cPRex]

Please do - I'd be interested to see what you come up with!