I’m having trouble with a mail filter rule on my pmg setup.
My idea is to allow normal ZIP attachments, because modern office files like .docx and .xlsx are actually ZIP containers, but I want to block specific file types if they exist inside the archive ( .vbs, .exe, .lnk, etc).
created a Match Archive Filename object with this regex
added a rule using that object with Action: Block and Direction: In.
I can see in the logs that PMG successfully unpacks the archive, for example:
when I send an email containing test.zip with a file named test.vbs inside, the message is still delivered to the inbox. The rule never seems to trigger, even though the regex test itself works fine in the GUI
Has anyone managed to get “Match Archive Filename” working for files inside ZIPs on recent PMG versions?
My idea is to allow normal ZIP attachments, because modern office files like .docx and .xlsx are actually ZIP containers, but I want to block specific file types if they exist inside the archive ( .vbs, .exe, .lnk, etc).
created a Match Archive Filename object with this regex
Code:
(?i)^.*\.(exe|vbs|vbe|js|jse|ps1|bat|cmd|pif|lnk|shs|shb|scr|iso|img|msi|chm|hta|jar|wsf|cab|vhd|vhdx|url)$added a rule using that object with Action: Block and Direction: In.
I can see in the logs that PMG successfully unpacks the archive, for example:
Code:
found archive 'test-1.zip' (application/zip)
unpack archive 'test-1.zip' done (60 ms)when I send an email containing test.zip with a file named test.vbs inside, the message is still delivered to the inbox. The rule never seems to trigger, even though the regex test itself works fine in the GUI
Has anyone managed to get “Match Archive Filename” working for files inside ZIPs on recent PMG versions?
