Allow exim's "dangerous attachments" list to be modified from Exim Basic Editor
As a systems administrator, I would like to be able to edit the list of "Dangerous Attachment" types from the Exim Basic Editor. I would like to be able to customize this list without loosing the ability to receive cPanel's regular updates to the other sections of the system filter file.
Currently this is done by creating a custom exim system filter file:
http://documentation.cpanel.net/display/ALD/Customize+the+Exim+System+Filter+File
However, this is used, regular cPanel updates to the system filter file are not used (because the custom filter is being used).
This might also be seen as a step towards implementing the following feature request:
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
As a server admin, I would also like to see this feature. The default list includes .eml attachments, which caused me problems on my production server. This is the extension that is used by Thunderbird when you forward an email as an attachment. I need to be able to remove .eml from this list permanently.
It's not useful in production to filter out all .eml attachments without inspection, as the vast majority of them are harmless. Without a malware scanner confirming that an attachment is malicious, simply blocking all standard email attachment files is cumbersome and makes for a lot of unnecessary bounce messages.
As a server admin, I would also like to see this feature. The default list includes .eml attachments, which caused me problems on my production server. This is the extension that is used by Thunderbird when you forward an email as an attachment. I need to be able to remove .eml from this list permanently.
It's not useful in production to filter out all .eml attachments without inspection, as the vast majority of them are harmless. Without a malware scanner confirming that an attachment is malicious, simply blocking all standard email attachment files is cumbersome and makes for a lot of unnecessary bounce messages.
I agree with this one too
I agree with this one too
We need this too.
I've just manually duplicated /etc/cpanel_exim_system_filter_custom and manually removed all 4 instances of the eml extension, but I don't like doing this as it could cause issues in the future.
We should have an editor to add / remove disallowed file extensions in a way that other settings and modifications by cPanel updates in /etc/cpanel_exim_system_filter are preserved.
If you could just store the file extensions in a file and regenerate /etc/cpanel_exim_system_filter using these extensions it would be great ! :)
We need this too.
I've just manually duplicated /etc/cpanel_exim_system_filter_custom and manually removed all 4 instances of the eml extension, but I don't like doing this as it could cause issues in the future.
We should have an editor to add / remove disallowed file extensions in a way that other settings and modifications by cPanel updates in /etc/cpanel_exim_system_filter are preserved.
If you could just store the file extensions in a file and regenerate /etc/cpanel_exim_system_filter using these extensions it would be great ! :)
This is really needed by Italian providers.
In Italy we have PEC emails (certificated email system) which runs over .eml attachments formats.
Every cPanel system start with a predefined set of settings that do not allows PEC email to be delivered to standard email systems.
Working with custom filters means:
- custom's changes overwritten every time cPanel is upgraded, or
- point to a custom filter file that'll not be updated, with most updated information, forever
This is really needed by Italian providers.
In Italy we have PEC emails (certificated email system) which runs over .eml attachments formats.
Every cPanel system start with a predefined set of settings that do not allows PEC email to be delivered to standard email systems.
Working with custom filters means:
- custom's changes overwritten every time cPanel is upgraded, or
- point to a custom filter file that'll not be updated, with most updated information, forever
As a reseller user, we find that on our user level, we are unable to alter this for hosted domains. We agree with phoenixweb, and also have similar demands from others. We need to have the option to alter this on the user level, not just the server level.
As a reseller user, we find that on our user level, we are unable to alter this for hosted domains. We agree with phoenixweb, and also have similar demands from others. We need to have the option to alter this on the user level, not just the server level.
How about doing it another (efficient) way. Block all attachments, and only allow the specific attachments you want in a whitelist. This way, admins can add any attachments to the whitelist, and not worry about unknown ones (as those unknown, would be blocked).
How about doing it another (efficient) way. Block all attachments, and only allow the specific attachments you want in a whitelist. This way, admins can add any attachments to the whitelist, and not worry about unknown ones (as those unknown, would be blocked).
For info, I don't use a custom system filter, I use a custom 'attachments-new' filter and activate it from WHM. That way the system filter is still updated.
Not sure if this could be amended to vary by domain, but it seems to be a possibility.
For info, I don't use a custom system filter, I use a custom 'attachments-new' filter and activate it from WHM. That way the system filter is still updated.
Not sure if this could be amended to vary by domain, but it seems to be a possibility.
The problem is, if we edit the file: /usr/local/cpanel/etc/exim/sysfilter/options/attachments
When cPanel runs an update, it updates the file it and we lose the custom settings.
And if we do what it says in this link: https://forums.cpanel.net/threads/allow-eml-extension-attachment-on-server.70037/
The disadvantage is that updates made by cPanel will not be applied to our server.
It is important for this reason that cPanel includes as a variable the allowed extensions, so we can customize them.
Thank you!
The problem is, if we edit the file: /usr/local/cpanel/etc/exim/sysfilter/options/attachments
When cPanel runs an update, it updates the file it and we lose the custom settings.
And if we do what it says in this link: https://forums.cpanel.net/threads/allow-eml-extension-attachment-on-server.70037/
The disadvantage is that updates made by cPanel will not be applied to our server.
It is important for this reason that cPanel includes as a variable the allowed extensions, so we can customize them.
Thank you!
Replies have been locked on this page!