anomy-list

file list rules processing

From: David Tilley (34731@xyz.molar.is)
Date: Wed 06 Feb 2002 - 08:58:00 UTC

  • Next message: Dave Cridland: "Re: file list rules processing"

    It appears that Anomy stops processing a part as soon as it gets a rule
    match. That is, once a file_list_# pattern matches, remaining rules/patterns
    are not checked for that part. Is this by design or have I misconfigured
    somewhere?

    I'm trying to first feed everything through an external virus scanner,
    regardless of filename, so I do this:

    file_list_rules = 1
    file_list_1 = (?s).*
    file_list_1_policy = accept:save:save:save
    file_list_1_scanner = 0:1:2:/etc/procmail/viruscheck %FILENAME

    which seemed to work just fine.

    But when I add another file_list section to defang selected extensions, the
    new file_list pattern never gets matched.

    file_list_rules = 2
    # file_list_1 stuff unchanged from above

    # trivial example, not for production
    file_list_2 = (?i)\.(vbs|dll|scr)$
    file_list_2_policy = defang
    file_list_2_scanner = 0

    When I send a test.vbs attachment, it does not get defanged. According to
    the log trace, Rule 1 is matched but Rule 2 is never tested. If I then munge
    the pattern in Rule 1 such that nothing matches, Rule 2 is tested and
    matched.

    Is there any way to have Anomy continue down the rules list even after a
    match?

    On further reflection, I'm guessing not. Once a rule is matched and the part
    is processed, Anomy would have to "rewind" the stream to process the part
    again (assuming the part hadn't already been dropped or saved).

    Thanks,

    dvt



    hosted by molar.is