Banned extensio advice

[mario]

I have searched the forum but no results for my problem.
An user did send some days ago an email with a .docx attachment.
The attachment was banned and I can find the following message in the admin mailbox:
No viruses were found.
Banned name: .wmf,docProps/thumbnail.wmf
Content type: Banned
Internal reference code for the message is 03749-08/AO8Y0kLKEmzc
First upstream SMTP client IP address: [xxx.xxx.xxx.xxx]
mailserver.xxxxx.xxxx.it
According to a 'Received:' trace, the message apparently originated at:
[xxx.xxx.xxx.xxx], mailserver.xxxxx.xxxx.it mailserver.xxxxx.xxxx.it
[xxx.xxx.xxx.xxx]

Return-Path: <xxxxxx@xxxxx.xxxxx.it>
From: Xxxxxx Xxxxxxx <xxxxxx@xxxxx.xxxxx.it>
Message-ID: <4780602.378.1297765870603.JavaMail.root@mailserve r>
Subject: xxxxxxxxx
The message has been quarantined as: banned-AO8Y0kLKEmzc

The message WAS NOT relayed to:
<xxxxxx@xxxxx.xxxxx.it>:
554 5.7.0 Reject, id=03749-08 - BANNED: .wmf,docProps/thumbnail.wmf

But the sender was not informed of the blocked email.

I have tried to send a banned extension file and zimbra does not allow sending the message but if I try to send that .docx file the message seems to be accepted for delivery.
It has been tested with zimbra webmail and with thunderbird, same results.

It is a problem because if a message is blocked the sender must be informed of this.

Any help is appreciated.

Mario

[mavlenko]

Is there "Send blocked extension notification to recipient" checkbox checked on Global settings tab ?

[mario]

The "Send blocked extension notification to recipient" checkbox on Global settings tab is not checked because I don't want to send any notification to the destination recipient.

The problem is that the sender that should (must) receive an advice if the message has been accepted for delivery and after this it is banned.

[mavlenko]

If "Send blocked extension notification to recipient" checkbox checked - zimbra send notification to both sender and recipient, if not checked - nobody receive notifications. Maybe not exactly what do you want but working exactly so. I think it's reasonable that destination recipient notified about not receiving some e-mails.

[dipeshmehta]

Quote:

Originally Posted by mavlenko

If "Send blocked extension notification to recipient" checkbox checked - zimbra send notification to both sender and recipient,

in such case, if a spammer sends mail with such blocked extension like .scr or .pif, both gets notification which actually confirms spammer that email id is active. IMO, notification needs to be to recipient only, not the sender.

Dipesh

[mavlenko]

post #5

Quote:

IMO, notification needs to be to recipient only, not the sender.

and post #3

Quote:

The problem is that the sender that should (must) receive an advice if the message has been accepted for delivery and after this it is banned.

You don't understand what do you want exactly: somebody want's to receive and somebody want's not to receive
Open a bug report and vote for it, maybe developers make this checkbox more customizable

[mario]

Quote:

Originally Posted by mavlenko

You don't understand what do you want exactly: somebody want's to receive and somebody want's not to receive
Open a bug report and vote for it, maybe developers make this checkbox more customizable

This is a good idea.

Anyway I have checked the "Send blocked extension notification to recipient" checkbox and there is an other problem

The advice of blocked email is delivered only to external recipient and to the admin of the domain, internal recipient does not receive the advice
Probably there is some misconfigured on my Zimbra server.
Some idea where to look?

[mario]

Found something.
The problems is because all our email address are alias except the admin address.
We use an external LDAP for authentication and because the username is like a123456 all our account are aliased with the real name or something readable.
So we have additional settings in Canonical address, From and Reply-To set to the alias.
The admin account doesn't has any set in Canonical address, From and Reply-To.

In the zimbra.log I found that zimbra tries to send the advice of banned attach but there is a postfix error like this:
Feb 16 12:19:48 mailserver postfix/error[24548]: 23DA3628095: to=<mvarelli@my.domain.com>, relay=none, delay=0.05, delays=0.02/0.01/0/0.01, dsn=5.0.0, status=bounced (my.domain.com)

If the sender is the admin the log is this:
Feb 16 12:32:23 mailserver postfix/lmtp[28120]: 40CE3628089: to=<admin@my.domain.com>, relay=mailserver.my.domain.com[xxx.xxx.xxx.xxx]:7025, delay=0.13, delays=0.03/0/0/0.09, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)

It looks like if the sender is an alias of an internal address zimbra does not recognize it and fail to send the advice.

If i remove all the settings from my account (Canonical address, From and Reply-To) the advice is sent and the log is this:
Feb 16 15:38:36 mailserver postfix/lmtp[6370]: C07E4BBC364: to=<axxxxxx@my.domain.com>, relay=mailserver.my.domain.com[xxx.xxx.xxx.xxx]:7025, delay=0.1, delays=0.02/0/0/0.08, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)

The server is running fine from 2007 with 300+ accounts and yes internal messages are delivered correctly.

Now the problem is if this is a bug or there is something wrong in my configuration.