SimScanTips

From Qmailwiki
(Difference between revisions)
Jump to: navigation, search
(I enabled the received line features, but it only shows ``scanners: none'' in the received line, although the message is scanned)
(New FAQ: Does someone have a list of file extensions that everybody should block?)
Line 28: Line 28:
 
  QMAILQUEUE=/path/to/simscan SIMSCAN_DEBUG=2 qmail-inject somercpt@somedomain < a-mail.txt
 
  QMAILQUEUE=/path/to/simscan SIMSCAN_DEBUG=2 qmail-inject somercpt@somedomain < a-mail.txt
 
in fact, I'd recommend testing simscan like this before enabling it on smtp level. It's way easier (and safer ;) ) to debug it this way first.
 
in fact, I'd recommend testing simscan like this before enabling it on smtp level. It's way easier (and safer ;) ) to debug it this way first.
 +
 +
= Does someone have a list of file extensions that everybody should block? =
 +
Yes. Bellow is a list of files that rarely will be used for working reasons. If your goal is, beside protecting users from viruses, to prevent them of having fun during working hours, you should block all these files. But before you just cut and paste this list straight to your ssattach file, check if none of the extensions bellow could be necessary to your customers.
 +
.ade
 +
.adp
 +
.app
 +
.asd
 +
.asf
 +
.asp
 +
.asx
 +
.avi
 +
.bas
 +
.bat
 +
.bin
 +
.chm
 +
.cil
 +
.cla
 +
.class
 +
.cmd
 +
.com
 +
.cpl
 +
.crt
 +
.csh
 +
.css
 +
.dll
 +
.dot
 +
.email
 +
.eml
 +
.exe
 +
.fxp
 +
.hlp
 +
.hta
 +
.htm
 +
.html
 +
.inf
 +
.ins
 +
.isp
 +
.js
 +
.jse
 +
.ksh
 +
.lnk
 +
.mda
 +
.mdb
 +
.mde
 +
.mdt
 +
.mdw
 +
.mdz
 +
.mov
 +
.mp3
 +
.mpe
 +
.mpeg
 +
.mpg
 +
.msc
 +
.msi
 +
.msp
 +
.mst
 +
.nws
 +
.ocx
 +
.ops
 +
.pcd
 +
.pif
 +
.pl
 +
.pm
 +
.pot
 +
.pps
 +
.prf
 +
.prg
 +
.ps
 +
.rar
 +
.reg
 +
.scf
 +
.scr
 +
.sct
 +
.shb
 +
.shm
 +
.shs
 +
.url
 +
.vb
 +
.vbe
 +
.vbs
 +
.vxd
 +
.wav
 +
.wmd
 +
.wmf
 +
.wms
 +
.wmz
 +
.wsc
 +
.wsf
 +
.wsh
 +
.wsz
 +
.xsl
 +
.xlt
 +
.xlw

Revision as of 11:51, 3 June 2005

Contents

Is there a mailing list archive?

Theres a list-archive for simscan at http://dir.gmane.org/gmane.mail.qmail.simscan

I enabled the received line features, but it only shows "scanners: none" in the received line, although the message is scanned

You have to run

simscanmk -g

first, to initialize the version database. See also the next question.

What is the best practice to update simversions.cdb?

I run it from cron (as root) every hour (together with update_trend). It may miss a clam update, but that's acceptable for me.

Or you could make a sudo entry for the clam user and run sudo /var/qmail/bin/simscanmk -g a nice solution too :)

Simscan permissions

In order to make simscan work be sure /var/qmail/simscan has the same group qmail-smtpd is running. So if you have qmail-smtpd working with vpopmail user because you have vchkusr patch you should have /var/qmail/simscan with vpopmail group.


Simscan debugging

The easiest way to debug Simscan is on the command line. Run it like this:

QMAILQUEUE=/path/to/simscan SIMSCAN_DEBUG=2 qmail-inject somercpt@somedomain < a-mail.txt

in fact, I'd recommend testing simscan like this before enabling it on smtp level. It's way easier (and safer ;) ) to debug it this way first.

Does someone have a list of file extensions that everybody should block?

Yes. Bellow is a list of files that rarely will be used for working reasons. If your goal is, beside protecting users from viruses, to prevent them of having fun during working hours, you should block all these files. But before you just cut and paste this list straight to your ssattach file, check if none of the extensions bellow could be necessary to your customers. .ade .adp .app .asd .asf .asp .asx .avi .bas .bat .bin .chm .cil .cla .class .cmd .com .cpl .crt .csh .css .dll .dot .email .eml .exe .fxp .hlp .hta .htm .html .inf .ins .isp .js .jse .ksh .lnk .mda .mdb .mde .mdt .mdw .mdz .mov .mp3 .mpe .mpeg .mpg .msc .msi .msp .mst .nws .ocx .ops .pcd .pif .pl .pm .pot .pps .prf .prg .ps .rar .reg .scf .scr .sct .shb .shm .shs .url .vb .vbe .vbs .vxd .wav .wmd .wmf .wms .wmz .wsc .wsf .wsh .wsz .xsl .xlt .xlw

Personal tools