[Top] [Prev] [Next] [Bottom]




Blocking binary files


When a message is disassembled, the information contained in each component is assigned a classification. This classification is denoted by the ContainerClass attribute.

One of the classifications that may be assigned is Binary. This denotes that the information is a data file containing binary information. For example, a database file.

MAILsweeper can be configured to detect and block binary files. This is achieved by editing the [Validation] configuration section, to ensure that the DetectBinary directive is no longer commented out.

For MAILsweeper the [Validation]section is found in the validator configuration file, VALIDATE.CFG.

That is, change:

[Validation]
;DetectBinary=VALATTR

to

[Validation]
DetectBinary=VALATTR
The MAILsweeper service will have to be restarted for these changes to come into effect.

If DetectBinary is activated for MAILsweeper, any message with a binary file attached is discarded. The sender of the message is informed accordingly.

You may wish to block or allow binary files for certain users or groups of users only.

This can be achieved by creating a new AMUcheck rule to name the users and then setting an attribute during AMUcheck validation. This attribute can subsequently be checked in the [DetectBinary] section, using a PerformIf directive (to block binary files for certain users only) or a SkipIf directive (to allow binary files for certain users only).

For example:



In AUTHFILE.TXT:

RESPONSE allow 
RESPONSE isjunkmail PRIORITY 1
RESPONSE copyadministrator PRIORITY 1
RESPONSE deny PRIORITY 2
RESPONSE Allow_Binary PRIORITY 1

FROM *@* 
  To *@* allow            ;allow everything

FROM	user1@company.com ;List of users allowed
	user2@company.com ;to send binary files.
 	user3@company.com
 To *@* Allow_Binary

FINISH

A new AMUcheck rule is defined.

In this example, the rule names the users allowed to send binary files.1 When the addresses of a message match with this rule the <Response> generated by AMUcheck is Allow_Binary.

A new RESPONSE statement is also listed in the first section of the file, to define the Allow_Binary <Response>.

In VALIDATE.CFG:

[AMU]
AuthFile=C:\MSW\CONFIG\AUTHFILE.TXT
If=Allow_Binary, AllowBinary=TRUE, allow

If the <Response> generated by AMUcheck is Allow_Binary then an attribute called AllowBinary is created, with the value TRUE.

This is the attribute that is checked by the SkipIf directive in the [DetectBinary] configuration section.

The <Response> is then reset to allow. This is the actual <Response> generated by AMUcheck. It allows the message to be delivered normally, assuming no higher priority <Response> is generated by one of the configured plug-in validator instances.

[DetectBinary]
SkipIf=AllowBinary==TRUE
HaveBinary=ContainerClass==Binary

The value of the AllowBinary attribute is checked in the [DetectBinary] configuration section, using the SkipIf directive.

If the value is TRUE then checking by the [DetectBinary] section is skipped.

For a similar configuration, using PerformIf to block binary files for certain users only, see the blocking attachments example on page 5-29.

See the AMUcheck section on page 7-97 for more details. Also, for more details on the If, PerformIf and SkipIf directives, see the Common validator directives section on page 7-102.



[Top] [Prev] [Next] [Bottom]



1 These users are allowed to send binary files, so checking can be skipped. This is achieved by including a SkipIf directive in the [DetectBinary] section.

msw.support@mimesweeper.com

Copyright © 1998, Content Technologies Limited. All rights reserved.