Exim rejecting messages with .eml attachments

jlpeifer

Verified User
Joined
Jun 6, 2006
Messages
97
Users have reported if a person replies to an email they send, the reply never gets back to them. Additionally, some users report that email messages forwarded to them never make it through.

An exploration of the Exim log file reveals that email messages received with ".eml" attachments are being bounced.

Specifically, the error reads, "2006-07-11 11:02:12 1G0Jka-0006wE-2q cancelled by system filter: This message has been rejected because it has\na potentially executable attachment\n (null).eml\nThis form of attachment has been used by\nrecent viruses or other malware.\nIf you meant to send this file then please\npackage it up as a zip file and resend it."

I'd prefer that messages with .eml attachments go through without interference. What can I do to stop this from happening?
 
Make a backup of /etc/system_filter.exim

Edit /etc/system_filter.exim and remove all references to "eml" (you'll have to remove the following pipe character "|" that follows the eml entry). Note that "eml" is referenced about 4 times within the file. Each will need to be removed

Restart exim service... DA Control Panel --> Admin Level --> Service Monitor --> (exim) Restart

Security precaution! "eml" attachments have been used to transport viruses to email recipients. Disabling this feature exposes your customers to a potential security risk. A current AntiVirus program on email recipients' workstations should stop any incoming threat (assumng they have such a thing installed).
 
jlpeifer said:

Edit /etc/system_filter.exim and remove all references to "eml" (you'll have to remove the following pipe character "|" that follows the eml entry). Note that "eml" is referenced about 4 times within the file. Each will need to be removed

Restart exim service... DA Control Panel --> Admin Level --> Service Monitor --> (exim) Restart

I do it all, but messages all the same rejected. Please, promt to me what is the problem?
 
Last edited:
I know this is a little old but I had the same problem. I went into /etc/system_filter.exim like mentioned and I removed 'eml|' in 4 different spots, restarted exim, and all is good now.

Check the entire file to make sure you removed all eml| related items.
 
Hate to bump a thread so old, but anyone still having this issue? We have an admin server we need to open up .eml extensions for since several FBLs include them as the attachment. I have edited all instances of .eml out of the filters I can, but we are still getting rejects.
 
Sorry but the exim filter file is the only thing that would reject it you have to show more information.
 
I edited the /etc/system_filter.exim because i needed to receive a message that got blocked, but I think it would be better to insert a rule in spamassassin in order to receive those messages if the sender is whitelisted or to receive them in the spam folder.
Is there a related spamassassin rule?
 
Back
Top