[Top] [Prev] [Next] [Bottom]




Blocking documents


When a message is disassembled, the information contained in each component is assigned a classification. This classification is denoted by the ContainerClass attribute.

One of the classifications that may be assigned is Document. This denotes that the information is a compound document. Examples of compound documents are Word (.doc), PowerPoint (.ppt) and Excel (.xls).

MAILsweeper can be configured to detect and block documents. This is achieved by editing the [Validation] configuration section, to ensure that the DetectDocument directive is no longer commented out.

For MAILsweeper the [Validation]section is found in the validator configuration file, VALIDATE.CFG.

That is, change:

[Validation]
;DetectDocument=VALATTR

to

[Validation]
DetectDocument=VALATTR
The MAILsweeper service will have to be restarted for these changes to come into effect.

If DetectDocument is activated for MAILsweeper, any message with a document attached is discarded. The sender of the message is informed accordingly.

You may wish to block or allow documents for certain users or groups of users only.

This can be achieved by creating a new AMUcheck rule to name the users and then setting an attribute during AMUcheck validation. This attribute can subsequently be checked in the [DetectDocument] section, using a PerformIf directive (to block documents for certain users only) or a SkipIf directive (to allow documents for certain users only).

For example:



In AUTHFILE.TXT:

RESPONSE allow 
...
RESPONSE No_Documents PRIORITY 2

FROM *@* 
  To *@* allow            ;allow everything

FROM	user1@company.com ;List of users not allowed
	user2@company.com ;to send documents.
	user3@company.com
 To *@* No_Documents

FINISH

A new AMUcheck rule is defined.

In this example, the rule names the users not allowed to send documents.1 When the addresses of a message match with this rule the <Response> generated by AMUcheck is No_Documents.

A new RESPONSE statement is also listed in the first section of the file, to define the No_Documents <Response>.

In VALIDATE.CFG:

[AMU]
AuthFile=C:\MSW\CONFIG\AUTHFILE.TXT
If=No_Documents, NoDocuments=TRUE, allow

If the <Response> generated by AMUcheck is No_Documents then an attribute called NoDocuments is created, with the value TRUE.

This is the attribute that is checked by the PerformIf directive in the [DetectDocument]configuration section.

The <Response> is then reset to allow. This is the actual <Response> generated by AMUcheck. It allows the message to be delivered normally, assuming no higher priority <Response> is generated by one of the configured plug-in validator instances.

[DetectDocument]
PerformIf=NoDocuments==TRUE
HaveDocument=ContainerClass==Document

The value of the NoDocuments attribute is checked in the [DetectDocument] configuration section, using a PerformIf directive.

If the value is TRUE then checking by the [DetectDocument] section is performed.

For a similar configuration, using SkipIf to allow documents for certain users only, see the blocking executables example on page 5-26.

See the AMUcheck section on page 7-97 for more details. Also, for more details on the If, PerformIf and SkipIf directives, see the Common validator directives section on page 7-102.
 


[Top] [Prev] [Next] [Bottom]



1 Checking for documents needs only to be performed for these users. This is achieved by including a PerformIf directive in the [DetectDocument] section.

msw.support@mimesweeper.com

Copyright © 1998, Content Technologies Limited. All rights reserved.