Exim anti-virus facility

Wallaby

Well-Known Member
Aug 15, 2001
I see Exim now has some simple anti-virus capability: looks like a filter which checks for potentially nasty file extensions etc. I don't think there is any virus scanning as such built in (which is ok by me).

From my limited testing, it looks like sending an attachment like nastyfile.com (or .exe etc) to an email address on a server with the newly-filtered Exim will result in the mail not being delivered. The same mail with the same physical attachment called nastyfile.txt gets delivered fine.

As far as I can see there is no turn-on or turn-off option per mailbox or per domain?

It looks like the "bad" mail is supposed to bounce back to the sender, but as yet I've not received any bounced messages; they seem to have just disappeared (or take a long time to be returned).

Could someone from the CPanel team elucidate a little on this new facility for us, so we can get it from the horse's mouth rather than guess?

Many thanks in advance.
 

Annette

Well-Known Member
PartnerNOC
Aug 12, 2001
You can look at the entire list of things exim will filter in /etc/antivirus.exim (the filter line in exim.conf is message_filter = /etc/antivirus.exim). Personally, I think it's going a bit overboard with the list of things to be filtered. It looks like an all or nothing kind of deal - either everything is filtered or it isn't, although some control can be had over the list of items. My question: when I comment out this over-zealous filter from exim.conf, will that get undone at some point by an update?
 

Wallaby

Thanks Annette -- I'd found that file later! I would also much prefer it if there was the option to use or not use various of the facilities on a domain-by-domain basis.

Any CPanel development staff around to comment please?
 

Annette

I've yet to see any way to create this filtering (or negate it) on a domain by domain basis. I wound up commenting it out across all servers (tedious!) because of the hassle it was causing our clients.
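
An added example, not part of the thread and not cPanel's or Exim's code: a Python sketch of the extension-only check the posts describe, showing why the same attachment is rejected as nastyfile.com but delivered as nastyfile.txt. The extension list is a constructed sample (the real list is in /etc/antivirus.exim), and `exempt_domains` is a hypothetical per-domain opt-out of the kind the posters ask for.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed sample list; the list Exim actually uses is in /etc/antivirus.exim.
BLOCKED_EXTENSIONS = {".com", ".exe", ".pif", ".scr", ".bat", ".vbs"}


def blocked_attachments(raw, blocked=BLOCKED_EXTENSIONS):
    """Return the filenames of MIME parts whose extension is on the list."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue  # body text and multipart containers have no filename
        ext = os.path.splitext(name.strip())[1].lower()
        if ext in blocked:
            hits.append(name)
    return hits


def decide(raw, recipients, exempt_domains=frozenset()):
    """Return 'reject' or 'deliver'. Only the attachment name is inspected,
    never its content. exempt_domains is a hypothetical opt-out list."""
    if not blocked_attachments(raw):
        return "deliver"
    domains = {r.rsplit("@", 1)[-1].lower() for r in recipients}
    # Skip the filter only when every recipient domain has opted out.
    if domains and domains <= {d.lower() for d in exempt_domains}:
        return "deliver"
    return "reject"


def build_sample(filename, payload=b"identical constructed test bytes"):
    """Constructed test message carrying one attachment under the given name."""
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "user@example.com"
    msg["Subject"] = "attachment test"
    msg.set_content("see attachment")
    msg.add_attachment(payload, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()
```

Because the decision rests on the filename alone, a check like this is a policy filter rather than a virus scanner, which matches the behaviour reported in the first post.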