Hello,
one of my user have something strange with one of his contact's email.
problem come from this rules in system_filter.exim and specialy this "[^\"]*":
When you have email like this one:
rules is activated by last ".com " and exim reject email.
So if i understand the rules, this expression "[^\"]*" select all caracter and space and newline except ", and the problem is newline!
If newline can be select (and ; that define of "name=" line) the rules continu check message body, and when find .com with space after (|com| and [\\\\s;]) it thinking that is extension of file, so for resolve this i modify it by this one: [^\"\n;]*
And all working fine rules check only the "name=" line and stop at is end.
Perhaps that can help others
P.S: i make test and not finding bug but if you thinking it's not good say it
P.P.S: sorry for my english
one of my user have something strange with one of his contact's email.
problem come from this rules in system_filter.exim and specialy this "[^\"]*":
# Fudge to catch Klez virus (mal formed mime details, unquoted filename with spaces)
if $message_body matches "Content-Type?>\\\\s*)[\\\\w-]+/[\\\\w-]+;\\\\s*(?:name)=([^\" ]+ [^\"]*\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|sc[mrt]|shs|url|vb[se]?|ws[fhc]))[\\\\s;]"
then
seen finish
endif
When you have email like this one:
rules is activated by last ".com " and exim reject email.
So if i understand the rules, this expression "[^\"]*" select all caracter and space and newline except ", and the problem is newline!
If newline can be select (and ; that define of "name=" line) the rules continu check message body, and when find .com with space after (|com| and [\\\\s;]) it thinking that is extension of file, so for resolve this i modify it by this one: [^\"\n;]*
And all working fine rules check only the "name=" line and stop at is end.
Perhaps that can help others
P.S: i make test and not finding bug but if you thinking it's not good say it
P.P.S: sorry for my english
Last edited: