Stop delivery of email with certain attachments

nivekau

• July 23, 2019 02:05

I use Mailscanner which blocks delivery of dangerous email attachments to mail boxes. It still delivers the email but replaces the attachment with a warning message. On rare occasions this warning can be useful because someone sends me something that I want to receive. However some attachment types would never be welcome, such as .vbs. Is there a way in WHM/cpanel to block any email which contains a .vbs attachment, so that it doesn't even reach mailscanner?

• 

  keat63

  • July 23, 2019 07:27

  I filtered out a few file extensions. This should help.

  0
• 

  cPanelLauren

  • July 23, 2019 19:22

  You shouldn't even need to use the exim system filter file to filter .vbs attachments. By default cPanel will filter dangerous attachments with the extensions as listed in the documentation here: Exim Configuration Manager - Basic Editor - Version 82 Documentation - cPanel Documentation .vbs extensions are included in this list and the setting in the exim configuration manager is on by default.

  0
• 

  nivekau

  • July 25, 2019 03:57

  For some reason my exim system filter file is set to a custom file /etc/antivirus.empty (which is an empty file), therefore the option 'Attachments: Filter messages with dangerous attachments' is greyed out (unavailable) I'm not sure why this the case. I have ConfigServer MailScanner Front-End for cPanel which was installed by the company who provides it (Way to the Web Ltd), but I'm not sure what may have changed as part of the install process. At the moment .vbs attachments are filtered out by Mailscanner (not by Exim). Mailscanner delivers the message to the mailbox but replaces the attachment with a warning message. I'll have to lodge a ticket with Way to the Web Ltd and ask them.

  0
• 

  keat63

  • July 25, 2019 07:29

  I believe the file in question is /etc/cpanel_exim_system_filter. However, I also believe that this gets over written during any updates, so ideally you need to create a custom copy of this file and configure exim to refer to the custom copy instead. Exim Configuration Manager - Basic Editor - Version 82 Documentation - cPanel Documentation How to Customize the Exim System Filter File - cPanel Knowledge Base - cPanel Documentation I could be wrong though, as it was a while ago that I last did this.

  0
• 

  nivekau

  • July 25, 2019 13:51

  I had a response from Way to the Web Ltd re the ConfigServer MailScanner installation and they said: "...that is part of the install. We would recommend that you not use the exim attachment filter but use MailScanner to block these attachments instead. "

  0
• 

  cPanelLauren

  • July 25, 2019 14:06

  Yea, you wouldn't actually ever hit the exim_system_filter, when you're running mailscanner because mail is actually received on the server by the mailscanner process. You'd need to customize mailscanner, which can be done, you should be able to remove attachment types you don't want to scan. The documentation here might provide some instruction on how to do this:

  0

Please sign in to leave a comment.