差異處

這裏顯示兩個版本的差異處。

--- tech:mailscannertips [2010/10/10 17:15] – 建立 jonathan
+++ tech:mailscannertips [2012/05/14 17:23] (目前版本) – [3 設定可支援 Outlook 的 winmail.dat] jonathan
@@ 行 1: / 行 1: @@
+====== MailScanner 技巧整理 ======
+===== - 正常信件出現內容誤判病毒 =====
+  * 當 UTF-8 編碼的信件出現 **Warning: E-mail viruses detected**<file>
+Our e-mail content detector has just been triggered by a message you sent:
+  To: [email protected]
+  Subject: 2.UTF-8???????
+  Date: Sun Oct 10 16:46:37 2010
+One or more of the attachments (msg-20952-4.txt) are on
+the list of unacceptable attachments for this site and will not have
+been delivered.
+Consider renaming the files to avoid this constraint.
+The virus detector said this about the message:
+Report: Report: MailScanner: No programs allowed (msg-20952-4.txt)
+-- MailScanner Email Virus Scanner Trysoft Corp. www.ichiayi.com For all your IT requirements visit: http://www.transtec.co.uk
+</file>
+  * 需要更改 /etc/MailScanner/filetype.rules.conf 將 deny executable 前面加上# 重新啟動 MailScanner <file>
+:
+deny    self-extract    No self-extracting archives     No self-extracting archives allowed
+#deny   executable      No executables          No programs allowed
+#EXAMPLE: deny  -       x-dosexec       No DOS executables      No DOS programs allowed
+:
+</file>
+===== - 設定信任 IP 網址避免內容出現警告釣魚網站訊息 =====
+  * 假設信任的 SMTP IP 網址為
+    * 192.168.11.xx
+  * 假設信任的 URL IP 網址為
+    * 140.92.140.88
+  * 編輯 /etc/MailScanner/MailScanner.conf <file>
+:
+#Also Find Numeric Phishing = yes
+Also Find Numeric Phishing = %rules-dir%/phishing.rules
+:
+Phishing Safe Sites File = %etc-dir%/phishing.safe.sites.conf
+:
+</file>
+  * 編輯 /etc/MailScanner/rules/phishing.rules <file>
+# Trust SMTP subnets
+From:   192.168.11.        no
+FromOrTo:       default yes
+</file>
+  * 編輯 /etc/MailScanner/phishing.safe.sites.conf <file>
+:
+:
+.92.140.88
+</file>自動更新後仍然會保留自己加入的部份.
+  * 重新載入 MailScanner 設定<code sh>
+service MailScanner reload
+</code>
+===== - 設定對 Outlook 所產生無法剖析的 winmail.dat 放行 =====
+  * 這樣的設定, 要承擔當 winmail.dat 是病毒的風險問題
+  * 也可以選擇關閉 outlook 產生 winmail.dat 的設定, [[http://support.microsoft.com/kb/278061/zh-tw|點這裡參考微軟的官方說明]]
+  * 編輯 /etc/MailScanner/MailScanner.conf <file>
+:
+# When the TNEF (winmail.dat) attachments are expanded, should the
+# attachments contained in there be added to the list of attachments in
+# the message?
+# If you set this to "add" or "replace" then recipients of messages sent
+# in "Outlook Rich Text Format" (TNEF) will be able to read the attachments
+# if they are not using Microsoft Outlook.
+#
+# no      => Leave winmail.dat TNEF attachments alone.
+# add     => Add the contents of winmail.dat as extra attachments, but also
+#            still include the winmail.dat file itself. This will result in
+#            TNEF messages being doubled in size.
+# replace => Replace the winmail.dat TNEF attachment with the files it
+#            contains, and delete the original winmail.dat file itself.
+#            This means the message stays the same size, but is usable by
+#            non-Outlook recipients.
+#
+# This can also be the filename of a ruleset.
+Use TNEF Contents = replace
+# Some versions of Microsoft Outlook generate unparsable Rich Text
+# format attachments. Do we want to deliver these bad attachments anyway?
+# Setting this to yes introduces the slight risk of a virus getting through,
+# but if you have a lot of troubled Outlook users you might need to do this.
+# We are working on a replacement for the TNEF decoder.
+# This can also be the filename of a ruleset.
+Deliver Unparsable TNEF = yes
+:
+</file>
+  * 重新載入 MailScanner 設定<code sh>
+service MailScanner reload
+</code>
+===== 參考資料 =====
+  * http://chihping.aflypen.com/2090.html
+  * http://phorum.study-area.org/index.php?topic=54475.0;wap2
+  * http://lists.mailscanner.info/pipermail/mailscanner/2009-February/090271.html
+  * http://www.cjbuckley.net/blog/2007/01/28/working-around-outlook-brokeness/
+{{tag>MailScanner mail}}