No, it doesn't as far as I can tell.
Also see
this post which refers to
this RFE/bug.
I've been researching this over the last few days as it major issues for several Zimbra sites which I administer.
The attachment blocking is part of the Postfix header checks - see /opt/zimbra/conf/postfix_header_checks
================================================== =============================================
/filename=\"?(.*)\.(bat|cmd|com|exe|pif|scr)\"?$/
REJECT For security reasons we reject attachments of this type
/^\s*Content-(Disposition|Type).*name\s*=\s*"?(.+\.(bat|cmd|com |exe|pif|scr))"?\s*$/
REJECT Attachment type not allowed. File "$2" has the unacceptable extension "$3"
================================================== =============================================
I've been looking into modifying the Amavis configuration file to detect .exe files within .zip files but I haven't had a chance to do this yet.
In the file /opt/zimbra/conf/amavisd.conf.in, there is this section which has every test commented out:
$banned_filename_re = new_RE(
# qr'^UNDECIPHERABLE$', # is or contains any undecipherable components
# block certain double extensions anywhere in the base name
#qr'\.[^./]*[A-Za-z][^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
# qr'\{[0-9a-z]{4,}(-[0-9a-z]{4,}){0,7}\}?'i, # Class ID extensions - CLSID
# qr'^application/x-msdownload$'i, # block these MIME types
# qr'^application/x-msdos-program$'i,
# qr'^application/hta$'i,
# qr'^(application/x-msmetafile|image/x-wmf)$'i, # Windows Metafile MIME
# qr'^\.wmf$', # Windows Metafile file(1) type
# qr'^message/partial$'i, # rfc2046 MIME type
# qr'^message/external-body$'i, # rfc2046 MIME type
# [ qr'^\.(Z|gz|bz2)$' => 0 ], # allow any in Unix-compressed
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within such archives
#qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
# qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf |exe|fxp|grp|hlp|hta|
# inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc |msi|msp|mst|
# ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs|
# wmf|wsc|wsf|wsh)$'ix, # banned ext - long
# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab.
#qr'^\.(exe-ms)$', # banned file(1) types
# qr'^\.(exe|lha|tnef|cab|dll)$', # banned file(1) types
);
I was going to try uncommenting some of these tests.
Anyone from Zimbra care to comment about the workings of Amavis and whether this will work?
Angus