The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

What's considered a "dangerous attachment"?

Discussion in 'E-mail Discussions' started by GoWilkes, Nov 5, 2008.

  1. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I have a client that is sending a 21MB ZIP file (a Quickbooks backup, compressed as a ZIP) to another client, and while they do receive the email, the attachment isn't included.

    As a test, I asked him to send it to my own email account and CC it to a Gmail account. It showed up on Gmail correctly, but my regular email account just received the email with no attachment. This eliminates the recipient's Outlook being the problem.

    The only setting that I could find that might impact this is "Attachments: Filter dangerous attachments" under Exim Configuration in WHM. I couldn't find anywhere that stated how a "dangerous attachment" is defined, but would this setting allow the email to go through without the attachment?

    If so, is there a way to modify it so that this attachment will go through, but not be so loose as to allow viruses and such through?
     
  2. santrix

    santrix Well-Known Member

    Joined:
    Nov 30, 2008
    Messages:
    223
    Likes Received:
    2
    Trophy Points:
    18
    This is a good question, and I'm bumping the thread as I also want to know what the

    Attachments: Filter dangerous attachments

    setting does. I run clamav and to be honest, I would rather not have to if this setting will automatically strip out anything with an executable extension for windoze.

    Obviously, for clamd to have to parse 10Mb attachments on the off chance it may contain a virus is a big overhead, when it's much easier to check the attachment doesn't have an exe, com, bat etc extension.

    does anyone know what this setting actually does?
     
  3. Data 1

    Data 1 Well-Known Member

    Joined:
    May 25, 2008
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Columbus Ohio
    cPanel Access Level:
    DataCenter Provider
    Count me in on this.

    I actually have mine turned off, because the "outlook/outlook express" potentially dangerous attachment could mean any attachment even JPGS and GIFS which are frequently transferred and forwarded during e-mail. Would be nice to know exactly where the line is drawn for exim.

    This isn't really a cpanel question it is exim but someone here is bound to know the answer.

    Jim
     
  4. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    This setting activates the filters stored in /etc/antivirus.exim

    Essentially, this filters out files with the following extensions:

    .ade
    .adp
    .bas
    .bat
    .chm
    .cmd
    .com
    .cpl
    .crt
    .eml
    .exe
    .hlp
    .hta
    .inf
    .ins
    .isp
    .jse and .jse followed by any character
    .lnk
    .mdb
    .mde
    .msc
    .msi
    .msp
    .mst
    .pcd
    .pif
    .reg
    .scr
    .sct
    .shs
    .url
    .vbs
    .vbe
    .wsf
    .wsh
    .wsc

    If you look at the file, you'll see other filters in it but these file extensions are what most folks think of when they think of this functionality.
     
  5. Data 1

    Data 1 Well-Known Member

    Joined:
    May 25, 2008
    Messages:
    113
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Columbus Ohio
    cPanel Access Level:
    DataCenter Provider
    This seems like a "good" thing, does it tax the CPU any above the normal strains that exim demands?
     
  6. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    I haven't heard any reports of this causing noticeable drain on the CPU.
     

Share This Page