Hello,
We are using Zimbra Open Source Edition 8.0 and we are using it as one of our mail servers. We are facing an issue when we get any encrypted pdf which is been treated as virus and blocking that attachment and we are unable to see that mail.
We tried the option of unblocking the encrypted attachments but that means we are allowing the other viruses to hit our domain.
We wanted a work around where zimbra should be able to allow the encrypted pdf from one domain (icici.com) from a certain user(user@icici.com) but still it should be blocking the others in that domain.
Please help me in resolving this issue and I will be very very grateful to you.
Thanking you in Advance.
Regards,
Raghuram.
Allow encrypted PDF for a certain user for a certain domain
- DualBoot
- Elite member
- Posts: 1326
- Joined: Mon Apr 18, 2016 8:18 pm
- Location: France - Earth
- ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
- Contact:
Re: Allow encrypted PDF for a certain user for a certain domain
You need to modify the configuration of Postfix/Amavis. This not quiet simple but it is possible.
Re: Allow encrypted PDF for a certain user for a certain domain
Hi,
Can anyone let us know if there is an alternative way to overcome this issue. Like a script to scan all the mails and then use the LMTP injection to resend the mails to the users.
Quick help is highly appreciated and I will be very very thankful to you guys.
Regards,
Raghuram.
Can anyone let us know if there is an alternative way to overcome this issue. Like a script to scan all the mails and then use the LMTP injection to resend the mails to the users.
Quick help is highly appreciated and I will be very very thankful to you guys.
Regards,
Raghuram.
- DualBoot
- Elite member
- Posts: 1326
- Joined: Mon Apr 18, 2016 8:18 pm
- Location: France - Earth
- ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
- Contact:
Re: Allow encrypted PDF for a certain user for a certain domain
In this case do not use a script. Use the possibilities Postfix offered.
Start by reading more about Postfix and Amvisd are working togather.
Start by reading more about Postfix and Amvisd are working togather.
Re: Allow encrypted PDF for a certain user for a certain domain
I am stuck with the same problem. I am unable to receive many important mails due to encryption issue. And I am feeling very insecure to allow all encrypted archives to welcome viruses. In this scenario, I need the exact code or solution to receive the crucial mails having encrypted files from some specific domains / mail ids. So can you please help me out by providing me the code to achieve the goal.
- JDunphy
- Outstanding Member
- Posts: 889
- Joined: Fri Sep 12, 2014 11:18 pm
- Location: Victoria, BC
- ZCS/ZD Version: 9.0.0_P39 NETWORK Edition
Re: Allow encrypted PDF for a certain user for a certain domain
A general solution is as follows:
Create a SA rule that is specific to what you are attempting to do... All this does is allow clamav to pass this on for further scoring by SA. You would need to restart amavisd after making the changes.
HTH,
Jim
Code: Select all
Modify: /opt/zimbra/common/sbin/amavisd
@virus_name_to_spam_score_maps =
(new_RE( # the order matters, first match wins
[ qr'^Structured\.(SSN|CreditCardNumber)\b' => 0.1 ],
[ qr'^(Heuristics\.)?Phishing\.' => 0.1 ],
[ qr'^Heuristics\.Encrypted\.PDF' => 0.1 ], #JAD - add line
[ qr'^(Email|HTML)\.Phishing\.(?!.*Sanesecurity)' => 0.1 ],
Add a rule to sauser.cf
header J_ENCR_PDF X-Amavis-AV-Status =~ m{Heuristics\.Encrypted\.PDF}i
score J_ENCR_PDF 0.1
describe J_ENCR_PDF Allow encrypted pdf's through
HTH,
Jim