Hi Dude, today I will write about handling spam emails that carry an encrypted zip file attachment. This article gives simple tips for making amavis block encrypted zip files. Many of these incoming emails impersonate a real sender and look like genuine mail.
So the end user receives a lot of email that follows this encrypted zip attachment pattern. Amavisd does know the attachment is protected; the subject line gets changed to ***UNCHECKED***.
First, I install the zip packages so that archive files in email messages can be scanned.
yum -y install gzip unzip zip
Then edit amavisd.conf. Just add UNDECIPHERABLE to the list of banned file names in amavisd.conf and all encrypted zips will be blocked.
root@server# vim /etc/amavisd/amavisd.conf
$banned_filename_re = new_RE(
  qr'^UNDECIPHERABLE$',  # is or contains any undecipherable components
  # ... keep the entries that are already in the list here ...
);
But this method has a global impact and causes false positives. If a legitimate email has a password-protected zip file attachment, that file will also be blocked.
If we send an email with an encrypted attachment to a server where this rule is implemented, we will get an error like this.
Our content checker found banned name: 2022-07-06_1311.xls,UNDECIPHERABLE
That is how amavis blocks an encrypted zip. Finally, how do we bypass or whitelist a valid email that is rejected because of this rule? See the article How to Bypass amavisd Filter Check. For certain purposes, we can add a bypass to allow incoming email that is blocked by amavis. We must be careful in defining this rule, because mail that bypasses the check is no longer filtered.
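To estimate how many legitimate messages the UNDECIPHERABLE rule would hit, and which senders might need a whitelist entry, saved messages can be checked for password-protected zip members before the rule is enabled. The Python script below is an added example, not part of the original article or of amavisd; it assumes that bit 0 of the zip general-purpose flags marks a protected member, and the sample message, addresses and file names are constructed.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

def encrypted_members(zip_bytes):
    """Names of members whose general-purpose flag bit 0 (encrypted) is set."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [zi.filename for zi in zf.infolist() if zi.flag_bits & 0x1]

def audit_message(raw):
    """Map each zip attachment of a raw message to its encrypted members."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = {}
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if zipfile.is_zipfile(io.BytesIO(data)):  # trust content, not the name
            report[part.get_filename() or "(unnamed)"] = encrypted_members(data)
    return report

def sample_zip(encrypted):
    """Constructed sample: one-member zip, optionally flagged as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.xls", b"constructed sample data")
    data = bytearray(buf.getvalue())
    if encrypted:
        cd = data.rfind(b"PK\x01\x02")  # central directory file header
        data[cd + 8] |= 0x01            # flag bits sit at offset 8 there
        data[6] |= 0x01                 # and at offset 6 in the local header
    return bytes(data)

def sample_message():
    """Constructed message with one plain and one flagged zip attachment."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed test message"
    msg.set_content("see attachments")
    for name, enc in (("plain.zip", False), ("locked.zip", True)):
        msg.add_attachment(sample_zip(enc), maintype="application",
                           subtype="zip", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, members in audit_message(sample_message()).items():
        print(name, "would be blocked" if members else "ok", members)
```

To use it on real mail, pass the bytes of a saved message file to audit_message() instead of the constructed sample.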
It’s a good idea to use a paid anti-spam and anti-virus service, or a cloud-based enterprise service. Sysadmins do not always think about email; they can focus more on other system improvements besides email.