Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

.eml attachments blocked by EXIM

Discussion in 'E-mail Discussions' started by albatroz, Apr 20, 2012.

  1. albatroz

    albatroz Well-Known Member

    Mar 6, 2003
    Likes Received:
    Trophy Points:
    Virtual Orbis / Peru
    cPanel Access Level:
    Root Administrator
    Is there any chance to make EXIM accept by default this attachment extension?
    It is used by Outlook and several other email clients for forwarding emails.
  2. mtindor

    mtindor Well-Known Member

    Sep 14, 2004
    Likes Received:
    Trophy Points:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    You can edit the default filter [ /etc/cpanel_exim-system_filter ] to remove the filtering for EML. However, if you edit this, duing some Exim updates it will overwrite that and you will then have to edit it again.

    You can copy /etc/cpanel_exim_system_filter to /etc/cpanel_exim_system_filter_noEML (as an example) and then edit /etc/cpanel_exim_system_filter_noEML to remove the filtering for EML. But then you'd have to go into the Exim Configuration Editor (I'm still running 11.30 so I'm not sure how this has changed in 11.32) and designate an alternate filter:

    1. cp /etc/cpanel_exim_system_filter /etc/cpanel_exim_system_filter_noEML

    2. edit /etc/cpanel_exim_system_filter_noEML

    Remove |eml from these four lines:

    if $header_content-type: matches "(?:file)?name=(\"[^\"]+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt[B]|eml[/B]|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc])\")"
    if $header_content-type: matches "(?:file)?name=(\\\\S+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt[B]|eml[/B]|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc]))"
    if $message_body matches "(?:Content-(?:Type:(?>\\\\s*)[\\\\w-]+/[\\\\w-]+|Disposition:(?>\\\\s*)attachment);(?>\\\\s*)(?:file)?name=|begin(?>\\\\s+)[0-7]{3,4}(?>\\\\s+))(\"[^\"]+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt[B]|eml[/B]|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc])\")[\\\\s;]"
    if $message_body matches "(?:Content-(?:Type:(?>\\\\s*)[\\\\w-]+/[\\\\w-]+|Disposition:(?>\\\\s*)attachment);(?>\\\\s*)(?:file)?name=|begin(?>\\\\s+)[0-7]{3,4}(?>\\\\s+))(\\\\S+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt[B]|eml[/B]|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc]))[\\\\s;]"
    3. WHM --> Exim Configuration Editor --> Filters --> System Filter File
    - enter in: /etc/cpanel_exim_system_filter_noEML
    - Save

    Notes: (a) these instructions are for 11.30. I don't know if they apply to 11.32. (b) cPanel might update /etc/cpanel_exim_system_filter periodically with necessary / useful code changes, and so you should occasionally to check to see if a new /etc/cpanel_exim_system_filter exists and then repeat this process at intervals throughout the year.

    I agree it would be nice to be able to select the attachments you want to block / not block from an interface. Heck, maybe that's available in 11.32. I don't know. Otherwise, it would be a good recommendation for 11.34.


Share This Page