MailScanner allows for a very fine level of control over email content and security via its configuration and ruleset files. This article looks at setting up per-user or per-domain rules for file types.
It is based on my experience with MailScanner on RPM-based systems; however, it should work on any system running a standard install of MailScanner.
Why would this be of interest?
If you are scanning mail for multiple domains and companies, you may wish to impose restrictions on certain file types for particular users or, as is more often the case, these restrictions will be forced on you.
Getting Started
If the server is in production you may want to stop MailScanner processing mail while you make the changes to its configuration:
/etc/init.d/MailScanner stop; /etc/init.d/MailScanner startin
This will stop MailScanner and then restart its “in” queue, so mail will “sit” in the inbound queue.
Open MailScanner.conf in vi:
vim /etc/MailScanner/MailScanner.conf
Look for the line:
Filename Rules = %etc-dir%/filename.rules.conf
In order to make this a ruleset which you can control you should change this to something like:
Filename Rules = %etc-dir%/filename.rules
In /etc/MailScanner you need to create the actual ruleset file, filename.rules.
The way I did it was:
FromOrTo: default /etc/MailScanner/filename.rules.conf
FromOrTo: *@domain1.ie /etc/MailScanner/filename.rules.domain1.conf
FromOrTo: *@domain2.com /etc/MailScanner/filename.rules.domain2.conf
The first file:
/etc/MailScanner/filename.rules.conf
is the one that ships with MailScanner (with or without sitewide modifications).
The other file(s) contain domain/user specific directives.
For example, one of our clients asked us to block ALL zip files, so the custom ruleset contained one minor, but important, difference:
deny \.zip$ - -
If you have been “hacking” MailScanner for a while you will know that you can specify rules to apply to an entire domain:
*@domain.tld
or a specific user: user@domain.tld
You could also do it using something like:
From user1@domain.tld and To user2@domain.tld
The README is helpful:
As you can see, each rule has 3 fields:
1. Direction (or "Virus:")
2. Pattern to match
3. Result value (or values)
or 6 fields:
1. Direction 1 (or "Virus:")
2. Pattern to match
3. The literal word "and"
4. Direction 2 (or "Virus:")
5. Pattern to match
6. Result value (or values)
Your mileage may vary 🙂
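To check which rules file a given message would get, and what a per-domain rule such as the zip block would do, before restarting MailScanner, the lookup can be modelled offline. This is an added example, not code from the original post or from MailScanner. It assumes the first matching ruleset line wins with "default" as the fallback, that filename regexes match case-insensitively, and that unmatched names are allowed; the rule file contents and example.org/example.net addresses are constructed.

```python
import fnmatch
import re

# Constructed sample data that mirrors the files described in the article.
RULESET = """\
FromOrTo: default /etc/MailScanner/filename.rules.conf
FromOrTo: *@domain1.ie /etc/MailScanner/filename.rules.domain1.conf
"""
RULE_FILES = {  # constructed stand-ins; fields are tab-separated
    "/etc/MailScanner/filename.rules.conf": "deny\t\\.exe$\t-\t-\n",
    "/etc/MailScanner/filename.rules.domain1.conf":
        "# client policy\ndeny\t\\.zip$\t-\t-\ndeny\t\\.exe$\t-\t-\n",
}

def resolve_rules_file(ruleset, sender, recipient):
    """Return the rules file for a message: first matching line wins,
    the 'default' line applies when nothing else matches."""
    default = None
    for line in ruleset.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        direction, pattern, value = line.split(None, 2)
        if pattern.lower() == "default":
            default = value.strip()
            continue
        direction = direction.rstrip(":").lower()
        candidates = {"from": [sender], "to": [recipient],
                      "fromorto": [sender, recipient]}.get(direction, [])
        if any(fnmatch.fnmatchcase(a.lower(), pattern.lower()) for a in candidates):
            return value.strip()
    return default

def filename_verdict(rules_text, filename):
    """Return the action of the first rule whose regex matches the attachment
    name; 'allow' if none match. Case-insensitive matching is an assumption."""
    for line in rules_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        action, regex = line.split("\t")[:2]
        if re.search(regex, filename, re.IGNORECASE):
            return action
    return "allow"

def verdict(sender, recipient, filename):
    """Resolve the rules file for the message, then judge the attachment name."""
    path = resolve_rules_file(RULESET, sender, recipient)
    return path, filename_verdict(RULE_FILES[path], filename)

if __name__ == "__main__":
    for msg in [("a@example.org", "bob@domain1.ie", "report.zip"),
                ("a@example.org", "c@example.net", "report.zip")]:
        print(msg, "->", verdict(*msg))
```

Because a custom file replaces the stock file for that domain rather than adding to it, any stock deny rules still wanted there have to be carried into the custom file, as the constructed domain1 file does with the .exe rule.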
JulesFM says
There is an easier way to do this, that saves you a lot of administrative time in the long run, as well as being quicker to set up now.
It is all explained in the new version of the MailScanner Book, just go buy a new copy 🙂
blacknight says
Julian
Nice plug for your book 🙂