Getmail - Attachments

,

Under Nethserver 7.3x, no attachments are blocked, which are fetched via Get3 via POP3, neither archives nor individual settings are processed. I believe it is located at the Gentmail, Amavis does not get from the brought mail, it passes Amavis. Do you have such mistakes, too? I have reinstalled the Systen and installed only Getmail and SOGO, then by AD the users fetched and a retrieval via POP3 SSL set up. Not a single appendix is blocked, as in the mailsettings, blocked. Does anyone have a clue??

Mai messages fetched by getmail don’t get filter via amavis.

You can only filter messaged for spam and virus.

It’s possible to resolve this issue?

There are a lot of people that have their mail server in internet and can’t (or don’t want) to point their MX record directly on the Nethserver…

What about the quarantine of virus mail the bottle has been recognized and what is still Amavis? Local mails with attachments will be forwarded so nevertheless. Is the Nethserver now only to be used by SMTP? I used it as a Proxymailserver in the 6.9 and wanted to use him only exclude. I have installed a Sophos virus scanner in Amavis, how is this with Getmail?

It’s not an issue, it’s the desired behavior :slight_smile:
We don’t want to use amavis with getmail: this choice has been taken to avoid any bounce-related problem.

I know, but in this case NethServer is not a mail server and I don’t see any real reason to use it in this way.
If you have a remote mail server, you can access it with any existing mail client (roundcybe includes).
Also, IMHO, you should apply the filtering in the original mail server since is much more efficient then getmail.

Beside this, you can also try to implement attachments removal using altermime as external filter for getmail.
We don’t have plans to do it right now, and I don’t even now if it can work.

Amavis is used when the machine is a real mail server and receives mails using SMTP protocol.
Virus check is done using clamscan. If a virus is found, the mail is dropped.

No, NS is a fully-featured SMTP/IMAP mail server.

You need to use Sophos client adsexternal filter for getmail, in the same way we do with clamscan.
Please see:

1 Like

Sorry, but I consider it an issue…

There are people that use NethServer as complete mail server beside they download mail with a pop3 connector and desired to have all the functionalities and protections that Nethserver offers.

In a sale negotiation or in some configurations we don’t have the full control of the internet connections or the network of the customers, or we can’t modify some existing configurations.

We can’t offer a “castrate” service only because the mails come in Nethserver from a way than another…

But I think that we have to discuss it in another place …

If the machine isn’t a real mail server, you will always have limitations because mail protocols are not designed to work this way :smiley:

Please, we can continue here, this is the right place to discuss features and bugs :slight_smile:

Since only two people asked for this feature, as always, we can start with some experiment, then write a document.
When more people will be interested in such a function, we can add it to the standard core.

In the meanwhile, @saitobenkei and @kunstlust would you like to try the proposed implementation?

If the machine isn’t a real mail server, you will always have limitations because mail protocols are not designed to work this way :smiley:

In a “user of the server” (customers) perspective, it’s as mail server because it’s has connected various clients, smartphones, etc… and he “doesn’t care” where the mail come from… He expects that the server makes his “dirty work” and doesn’t have limitations .

There are some situations out there where we have to make some sort of miracles because we don’t have control over all the network structure, the domain registration, the internet connection (ISP that block ports, routers with inaccessible configurations, dynamic IPs), etc…

You know, I’m a sort of the “troll” here that use the “enterprise” version of Nethesis products.
I’m trying to understand where the “wind is blowing” here and what I have to expect in the “enterprise” versions in the future and to make a sort of “lobbying” for what I consider lacking in the product :smiley:
(Feel free to delete my last sentences if these may cause problems).

2 Likes

With the version 6.9 everything still without problems. If I get via SMTP my Mails by MX, I need no GETMAIL. The explanations are therefore partial in part. For a normal admin it is also hardly to understand why the one excludes the other, where there is not even an indication. It may be that the GETMAIl is much more modern, but Fetchmail has always done his job well, why do not I just have the selection in the software overview? There is probably also a possibility in Getmail [destination] to send it via Sendmail, unfortunately has not worked with me yet so right. Can someone tell me how to use the Nethservr 7.3x?

The customer is right, but we all know that there is no magic here :smiley:
We are trying to achieve the best we can with the software which has fewer bugs :wink:

I really appreciate your commitment to the community and all your requests are more than legitimate!

Do you think we should add something on the manual? What we need to explain better?[quote=“kunstlust, post:9, topic:6650”]
but Fetchmail has always done his job well, why do not I just have the selection in the software overview?
[/quote]

We encountered many problems with Fetchmail which doesn’t behave well with many providers.
Also the old implement could be affected by double-bounce problem in some situations.

You can already use it, the only difference with old implementation is that you can’t filter attachments by extensions or mime-type.
But as you said before, you can try to filter using altermime.

Again, I wouldn’t go with sendmail to avoid bounce problems.

1 Like

Since most Nethserver are in the SOHO range, a POP / IMAP call is the way to go in the first line. I used to install some SME servers with small customers and find the Nethserver really very good. But a filter functions that I can set that has no flow to the common configuration is just as dangerous. I would like e.g. Not the * .doc assumption, since most viruses come over it. I run the in the 6.9 into a quarantine and send you to the user request. It would be better if he could do it himself. It is about creating a buffer, which prevents a fast opening. There is indeed Webfronendt for the Amavis quarantine, which do not run on the Nethserver. The best thing would be in Roundcube, what Mime or filters can, which goes with a Sivescript, but a Gui would be nicer :slight_smile:

Do you use for the append a legal note to sent messages, altermime? Can someone show an example for blocking * .doc? It does not have to be filtered by Getmail, it would also go by script, which puts everything in INBOX / DOC

https://msg.wikidoc.info/index.php/Sieve_mime_extension
I can use this in Roundcube?

I don’t know, just try and share! :wink:

Dovecot supports mime extensions, but roundcube still doesn’t.
Things may change:

In other words, you could write sieve rules with mime ext, but not using the rc web interface.

1 Like

I would like to have it run over a System before.sieve script. Setting in “/etc/e-smith/templates/var/lib/nethserver/sieve-scripts/before.sieve/10junkmail” will not be sent via signal-event nethserver-mail-filter-update
I’m doing something wrong?

If you need to customize the system sieve script do the following:

mkdir -p /etc/e-smith/templates-custom/var/lib/nethserver/sieve-scripts/before.sieve/
echo "your code" >> /etc/e-smith/templates-custom/var/lib/nethserver/sieve-scripts/before.sieve/40custom
expand-template /var/lib/nethserver/sieve-scripts/before.sieve
expand-template /etc/dovecot/dovecot.conf
systemctl restart dovecot

Thank you

The script first only tests the function, the MIME detection, however, it does not run with some errors when expanding. But I do not understand. The foreverypart is already implemented?

require [“reject”,“mime”,“foreverypart”];
foreverypart { if header :mime :param “filename” :matches [“Content-Type”, “Content-Disposition”] [".com", ".exe", “.vbs", ".scr”, “.pif", ".hta”, “.bat", ".zip” ]
{reject “Executable attachments rejected by filter”; stop; } }

Even the example script of Sieve does not go, what could it be?

The template has a different spelling than the original Sieve script, which I have now noticed, unfortunately, I have no basis for how this template can be used. I used the 10junkmail as the basis and also understand the transfer of the variables to the EOF, but most other templates such as With Amavis I can create the template as well as the output, why is this different here?