From 4d9d2f81dcab5348a2fd042752940b8c1b4d5276 Mon Sep 17 00:00:00 2001 From: Zhang Huangbin Date: Fri, 23 Jul 2021 16:23:41 +0800 Subject: [PATCH] New: iredadmin-pro.custom.ban.rules.html. --- .../2-iredadmin-pro.custom.ban.rules.md | 89 +++++++++++++++ html/index.html | 1 + html/iredadmin-pro.custom.ban.rules.html | 103 ++++++++++++++++++ 3 files changed, 193 insertions(+) create mode 100644 en_US/iredadmin/2-iredadmin-pro.custom.ban.rules.md create mode 100644 html/iredadmin-pro.custom.ban.rules.html diff --git a/en_US/iredadmin/2-iredadmin-pro.custom.ban.rules.md b/en_US/iredadmin/2-iredadmin-pro.custom.ban.rules.md new file mode 100644 index 00000000..3a4c85d8 --- /dev/null +++ b/en_US/iredadmin/2-iredadmin-pro.custom.ban.rules.md @@ -0,0 +1,89 @@ +# iRedAdmin-Pro: Custom (Amavisd) ban rules +[TOC] + +## Builtin ban rules + +iRedMail-1.4.1 ships 4 builtin Amavisd ban rules, they're defined in +[Amavisd config file](./file.locations.html#amavisd) like below: + +``` +%banned_rules = ( + # Allow all Microsoft Office documents. + 'ALLOW_MS_OFFICE' => new_RE([qr'.\.(doc|docx|xls|xlsx|ppt|pptx)$'i => 0]), + + # Allow Microsoft Word, Excel, PowerPoint documents separately. + 'ALLOW_MS_WORD' => new_RE([qr'.\.(doc|docx)$'i => 0]), + 'ALLOW_MS_EXCEL' => new_RE([qr'.\.(xls|xlsx)$'i => 0]), + 'ALLOW_MS_PPT' => new_RE([qr'.\.(ppt|pptx)$'i => 0]), + + # Default rule. + 'DEFAULT' => $banned_filename_re, +); +``` + +## Add new ban rules + +You're free to add new ban rules inside `%banned_rules = ();` parameter. +For example, let's add new rule `BLOCK_COMPRESS` to block few compress file +formats, and `ALLOW_PDF` to allow / bypass `.pdf` files: + +``` +%banned_rules = ( + # ... omit other existing rules here ... + + 'BLOCK_COMPRESS' => new_RE([qr'.\.(zip|7z|gz|bz2|tar|rar)$'i]), + 'ALLOW_PDF' => new_RE([qr'.\.pdf$'i => 0]), +) +``` + +Restarting Amavisd service is required after updated its config file. + +If you're running iRedAdmin-Pro, please list your custom rules in its config +file `/opt/www/iredadmin/settings.py` like below, so that you can use them +in per-user, per-domain and global `Spam Policy` page. + +``` +# Add this parameter if it doesn't exist. +# The syntax is (Python dictionary): +# { +# "rule-name-1": "comment-2", +# "rule-name-2": "comment-2", +# } +AMAVISD_BAN_RULES = { + "BLOCK_COMPRESS": "Block compressed files (zip, 7z, gz, bz2, tar, rar)", + "ALLOW_PDF": "Allow PDF files (.pdf) +} +``` + +Restarting "iredadmin" service is required after updated its config file. + +## How to use the ban rules + +### Assign ban rules with iRedAdmin-Pro + +With iRedAdmin-Pro, you can easily manage per-user, per-domain and global spam +policies, including ban rules. + +- For per-user ban rules, please go to user profile page, tab "__Spam Policy__". +- For per-domain ban rules, please go to domain profile page, tab "__Spam Policy__". +- For global ban rules, please click "__System__" on main navigation bar, then + choose "__Global Spam Policy__". + +Note: per-user spam policy has the highest priority, and global one has the +lowest priority. + +### Assign ban rules with SQL command line + +If you already define per-user, per-domain, or global spam policy with +iRedAdmin-Pro or manually, you can now assign these ban rules to them. + +For example, if you have spam policy for user `user@domain.com`, to allow +this user to accept Microsoft Word and Excel documents, you can run SQL +commands below to achieve it (Note: we use MySQL for example): + +``` +USE amavisd; +UPDATE policy SET banned_rulenames="ALLOW_MS_WORD,ALLOW_MS_EXCEL" WHERE policy_name="user@domain.com"; +``` + +Multiple rule names must be separated by comma. diff --git a/html/index.html b/html/index.html index 1acfa1ea..3ea9becb 100644 --- a/html/index.html +++ b/html/index.html @@ -216,6 +216,7 @@

iRedAdmin-Pro