Wechseln zu:Navigation, Suche
Wiki
KKeine Bearbeitungszusammenfassung
Keine Bearbeitungszusammenfassung
 
(9 dazwischenliegende Versionen von 6 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
Passend zu unserem HOWTO zur Filterung von Office Dokumenten finden Sie hier vorbereitete CLI Kommando Sets die entsprechende Filterregeln im Mailfilter der Securepoint UTM erzeugen.
Passend zu unserem HOWTO zur Filterung von Office Dokumenten finden Sie hier vorbereitete CLI Kommando Sets, die die entsprechenden Filterregeln im Mailfilter der Securepoint NextGen UTM erzeugen. Lesen Sie sich diese Anleitung vollständig durch, bevor Sie Änderungen vornehmen.


Bitte beachten Sie, dass die Syntax auf der Securepoint UTM 11.6.x basierend ist.
Bitte beachten Sie, dass die hier aufgeführte Syntax für die Securepoint NextGen UTM 11.7.x optimiert ist.


Die mit # anfangenden Zeilen sind keine CLI Kommandos und können vorher entfernt werden. Sie können diese auch mit auf die Konsole kopieren, müssen dann die Fehler der Ausgabe entsprechend ignorieren.
Die mit den # beginnenden Zeilen sind Kommentare, die für die Ausführung der Skripte nicht benötigt werden und somit vorher entfernt werden können. Etwaige auftretende Fehler bei dem Belassen der Kommentare im Skript müssen ignoriert werden.


So verwenden Sie die CLI Kommando Sets:
So verwenden Sie die CLI Kommando Sets:
Melden Sie sich als Benutzer admin über ssh mit einem entsprechenden SSH Client (wie z.B. Putty) an der Securepoint UTM Firewall an. Kopieren Sie das für Sie passende Script (SMTP, POP3 oder MAILCONNECTOR) und fügen Sie dies auf der Oberfläche der UTM ein.
Melden Sie sich als Benutzer „admin“ über SSH mit einem SSH-Client (wie z.B. Putty) an der CLI der Securepoint NextGen UTM an. Kopieren Sie das für Sie benötigte Skript (SMTP, POP3 oder MAILCONNECTOR) und fügen dies im CLI ein.
 
Möglichkeiten für Ausnahmen:
Ausnahmen von strengen Regeln sind möglich, jedoch nicht empfohlen, da Absender gefälscht werden können. Wenn Sie Ausnahmen für Domains einrichten wollen, dann müssen Sie # vor den entsprechenden Zeilen entfernen und die Liste der in eckigen Klammern stehenden Domainnamen (z.B. vertrautedomain1.tld) durch die gewünschten Ausnahmedomains ersetzen.
 
Die hier aufgeführten CLI Kommando Sets dienen als Beispiel und haben keinerlei Anspruch auf Vollständigkeit bezogen auf Mime Typen, Dateierweiterungen usw. Außerdem umfassen diese keine kundenindividuellen Besonderheiten.
 
Die CLI Kommando Sets dürfen nur von geschultem Personal angewendet werden.
 
Fertigen Sie vor jeder Änderung an der Securepoint NextGen UTM ein Backup an.


Wenn Sie Ausnahmen für Domains einrichten wollen (wir empfehlen dies nicht zu tun), dann müssen Sie die # vor den entsprechenden Zeilen entfernen und die Liste der in eckigen Klammern stehenden Domainnamen (z.B. vertrautedomain1.tld) durch die gewünschten Ausnahmedomains ersetzen.




Zeile 18: Zeile 26:
<pre>
<pre>
# SMTP
# SMTP
# DROP Virus (spfilterset_smtp_drop_virus)
# REJECT Virus (spfilterset_smtp_reject_virus)
mail filterng selector new name spfilterset_smtp_drop_virus binop AND
mail filterng selector new name spfilterset_smtp_reject_virus binop AND
mail filterng selector item new selector spfilterset_smtp_drop_virus type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_virus type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_drop_virus type VIRUS operator TRUE
mail filterng selector item new selector spfilterset_smtp_reject_virus type VIRUS operator TRUE
mail filterng new selector spfilterset_smtp_drop_virus action DROP pos 1
mail filterng new selector spfilterset_smtp_reject_virus action REJECT pos 1


# Reject Word by MIME (spfilterset_smtp_reject_word_by_mime)
# Reject Word by MIME (spfilterset_smtp_reject_word_by_mime)
Zeile 52: Zeile 60:
mail filterng selector new name spfilterset_smtp_reject_office_by_ext binop AND
mail filterng selector new name spfilterset_smtp_reject_office_by_ext binop AND
mail filterng selector item new selector spfilterset_smtp_reject_office_by_ext type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_office_by_ext type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_office_by_ext type CONTENT type_arg SUFFIX operator IS value [ doc dot docx docm dotx dotm docb xls xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
mail filterng selector item new selector spfilterset_smtp_reject_office_by_ext type CONTENT type_arg FILENAME operator IN value [ doc dot docx docm dotx dotm docb xls xlsx xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
#mail filterng selector item new selector spfilterset_smtp_reject_office_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
#mail filterng selector item new selector spfilterset_smtp_reject_office_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_smtp_reject_office_by_ext action REJECT pos 5
mail filterng new selector spfilterset_smtp_reject_office_by_ext action REJECT pos 5
Zeile 60: Zeile 68:
mail filterng selector new name spfilterset_smtp_reject_zip_by_ext binop AND
mail filterng selector new name spfilterset_smtp_reject_zip_by_ext binop AND
mail filterng selector item new selector spfilterset_smtp_reject_zip_by_ext type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_zip_by_ext type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_zip_by_ext type CONTENT type_arg SUFFIX operator IS value [ doc dot docx docm dotx dotm docb xls xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
mail filterng selector item new selector spfilterset_smtp_reject_zip_by_ext type CONTENT type_arg FILENAME operator IS value [ zip 7z ace arj cab zz zipx ]
#mail filterng selector item new selector spfilterset_smtp_reject_zip_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
#mail filterng selector item new selector spfilterset_smtp_reject_zip_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_smtp_reject_zip_by_ext action REJECT pos 6
mail filterng new selector spfilterset_smtp_reject_zip_by_ext action REJECT pos 6


# Drop SPAM (spfilterset_smtp_drop_spam)
# REJECT SPAM (spfilterset_smtp_reject_spam)
mail filterng selector new name spfilterset_smtp_drop_spam binop AND
mail filterng selector new name spfilterset_smtp_reject_spam binop AND
mail filterng selector item new selector spfilterset_smtp_drop_spam type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_spam type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_drop_spam type SPAM operator IS value [ VERIFIED ]
mail filterng selector item new selector spfilterset_smtp_reject_spam type SPAM operator IS value [ VERIFIED ]
mail filterng new selector spfilterset_smtp_drop_spam action DROP pos 7
mail filterng new selector spfilterset_smtp_reject_spam action REJECT pos 7


# Quarantine probably SPAM (spfilterset_smtp_quarantine_possibly_spam)
# Quarantine probably SPAM (spfilterset_smtp_quarantine_possibly_spam)
Zeile 123: Zeile 131:
mail filterng selector new name spfilterset_pop3_filter_office_by_ext binop AND
mail filterng selector new name spfilterset_pop3_filter_office_by_ext binop AND
mail filterng selector item new selector spfilterset_pop3_filter_office_by_ext type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_filter_office_by_ext type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_filter_office_by_ext type CONTENT type_arg SUFFIX operator IS value [ doc dot docx docm dotx dotm docb xls xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
mail filterng selector item new selector spfilterset_pop3_filter_office_by_ext type CONTENT type_arg FILENAME operator IN value [ doc dot docx docm dotx dotm docb xls xlsx xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
#mail filterng selector item new selector spfilterset_pop3_filter_office_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
#mail filterng selector item new selector spfilterset_pop3_filter_office_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_pop3_filter_office_by_ext action FILTER pos 5
mail filterng new selector spfilterset_pop3_filter_office_by_ext action FILTER pos 5
Zeile 131: Zeile 139:
mail filterng selector new name spfilterset_pop3_filter_zip_by_ext binop AND
mail filterng selector new name spfilterset_pop3_filter_zip_by_ext binop AND
mail filterng selector item new selector spfilterset_pop3_filter_zip_by_ext type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_filter_zip_by_ext type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_filter_zip_by_ext type CONTENT type_arg SUFFIX operator IS value [ doc dot docx docm dotx dotm docb xls xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
mail filterng selector item new selector spfilterset_pop3_filter_zip_by_ext type CONTENT type_arg FILENAME operator IS value [ zip 7z ace arj cab zz zipx ]
#mail filterng selector item new selector spfilterset_pop3_filter_zip_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
#mail filterng selector item new selector spfilterset_pop3_filter_zip_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_pop3_filter_zip_by_ext action FILTER pos 6
mail filterng new selector spfilterset_pop3_filter_zip_by_ext action FILTER pos 6
Zeile 194: Zeile 202:
mail filterng selector new name spfilterset_mailconnector_quarantine_office_by_ext binop AND
mail filterng selector new name spfilterset_mailconnector_quarantine_office_by_ext binop AND
mail filterng selector item new selector spfilterset_mailconnector_quarantine_office_by_ext type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_office_by_ext type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_office_by_ext type CONTENT type_arg SUFFIX operator IS value [ doc dot docx docm dotx dotm docb xls xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_office_by_ext type CONTENT type_arg FILENAME operator IN value [ doc dot docx docm dotx dotm docb xls xlsx xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
#mail filterng selector item new selector spfilterset_mailconnector_quarantine_office_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
#mail filterng selector item new selector spfilterset_mailconnector_quarantine_office_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_mailconnector_quarantine_office_by_ext action QUARANTINE pos 5
mail filterng new selector spfilterset_mailconnector_quarantine_office_by_ext action QUARANTINE pos 5
Zeile 202: Zeile 210:
mail filterng selector new name spfilterset_mailconnector_quarantine_zip_by_ext binop AND
mail filterng selector new name spfilterset_mailconnector_quarantine_zip_by_ext binop AND
mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_ext type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_ext type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_ext type CONTENT type_arg SUFFIX operator IS value [ doc dot docx docm dotx dotm docb xls xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_ext type CONTENT type_arg FILENAME operator IS value [ zip 7z ace arj cab zz zipx ]
#mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
#mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_mailconnector_quarantine_zip_by_ext action QUARANTINE pos 6
mail filterng new selector spfilterset_mailconnector_quarantine_zip_by_ext action QUARANTINE pos 6

Aktuelle Version vom 10. Dezember 2018, 18:44 Uhr

Passend zu unserem HOWTO zur Filterung von Office Dokumenten finden Sie hier vorbereitete CLI Kommando Sets, die die entsprechenden Filterregeln im Mailfilter der Securepoint NextGen UTM erzeugen. Lesen Sie sich diese Anleitung vollständig durch, bevor Sie Änderungen vornehmen.

Bitte beachten Sie, dass die hier aufgeführte Syntax für die Securepoint NextGen UTM 11.7.x optimiert ist.

Die mit den # beginnenden Zeilen sind Kommentare, die für die Ausführung der Skripte nicht benötigt werden und somit vorher entfernt werden können. Etwaige auftretende Fehler bei dem Belassen der Kommentare im Skript müssen ignoriert werden.

So verwenden Sie die CLI Kommando Sets: Melden Sie sich als Benutzer „admin“ über SSH mit einem SSH-Client (wie z.B. Putty) an der CLI der Securepoint NextGen UTM an. Kopieren Sie das für Sie benötigte Skript (SMTP, POP3 oder MAILCONNECTOR) und fügen dies im CLI ein.

Möglichkeiten für Ausnahmen: Ausnahmen von strengen Regeln sind möglich, jedoch nicht empfohlen, da Absender gefälscht werden können. Wenn Sie Ausnahmen für Domains einrichten wollen, dann müssen Sie # vor den entsprechenden Zeilen entfernen und die Liste der in eckigen Klammern stehenden Domainnamen (z.B. vertrautedomain1.tld) durch die gewünschten Ausnahmedomains ersetzen.

Die hier aufgeführten CLI Kommando Sets dienen als Beispiel und haben keinerlei Anspruch auf Vollständigkeit bezogen auf Mime Typen, Dateierweiterungen usw. Außerdem umfassen diese keine kundenindividuellen Besonderheiten.

Die CLI Kommando Sets dürfen nur von geschultem Personal angewendet werden.

Fertigen Sie vor jeder Änderung an der Securepoint NextGen UTM ein Backup an.


CLI Kommando Set für SMTP

Bitte wählen Sie dieses Script, wenn Sie E-Mails über den SMTP zustellen.

# SMTP
# REJECT Virus (spfilterset_smtp_reject_virus)
mail filterng selector new name spfilterset_smtp_reject_virus binop AND
mail filterng selector item new selector spfilterset_smtp_reject_virus type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_virus type VIRUS operator TRUE
mail filterng new selector spfilterset_smtp_reject_virus action REJECT pos 1

# Reject Word by MIME (spfilterset_smtp_reject_word_by_mime)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_smtp_reject_word_by_mime binop AND
mail filterng selector item new selector spfilterset_smtp_reject_word_by_mime type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_word_by_mime type CONTENT type_arg MIME operator IS value [ application/msword application/vnd.openxmlformats-officedocument wordprocessingml.document application/vnd.openxmlformats-officedocument.wordprocessingml.template application/vnd.ms-word.document.macroEnabled.12 application/vnd.ms-word.template.macroEnabled.12 ]
#mail filterng selector item new selector spfilterset_smtp_reject_word_by_mime type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_smtp_reject_word_by_mime action REJECT pos 2

# Reject Excel by MIME (spfilterset_smtp_reject_excel_by_mime)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_smtp_reject_excel_by_mime binop AND
mail filterng selector item new selector spfilterset_smtp_reject_excel_by_mime type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_excel_by_mime type CONTENT type_arg MIME operator IS value [ application/vnd.ms-excel application/vnd.openxmlformats-officedocument.spreadsheetml.sheet application/vnd.openxmlformats-officedocument.spreadsheetml.template application/vnd.ms-excel.sheet.macroEnabled.12 application/vnd.ms-excel.template.macroEnabled.12 application/vnd.ms-excel.addin.macroEnabled.12 application/vnd.ms-excel.sheet.binary.macroEnabled.12 ]
#mail filterng selector item new selector spfilterset_smtp_reject_excel_by_mime type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_smtp_reject_excel_by_mime action REJECT pos 3

# Reject compressed files by MIME (spfilterset_smtp_reject_zip_by_mime)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_smtp_reject_zip_by_mime binop AND
mail filterng selector item new selector spfilterset_smtp_reject_zip_by_mime type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_zip_by_mime type CONTENT type_arg MIME operator IS value [ application/x-zip-compressed application/zip ]
#mail filterng selector item new selector spfilterset_smtp_reject_zip_by_mime type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_smtp_reject_zip_by_mime action REJECT pos 4

# Reject Office files by extention (spfilterset_smtp_reject_office_by_ext)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_smtp_reject_office_by_ext binop AND
mail filterng selector item new selector spfilterset_smtp_reject_office_by_ext type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_office_by_ext type CONTENT type_arg FILENAME operator IN value [ doc dot docx docm dotx dotm docb xls xlsx xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
#mail filterng selector item new selector spfilterset_smtp_reject_office_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_smtp_reject_office_by_ext action REJECT pos 5

# Reject compressed files by extention (spfilterset_smtp_reject_zip_by_ext)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_smtp_reject_zip_by_ext binop AND
mail filterng selector item new selector spfilterset_smtp_reject_zip_by_ext type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_zip_by_ext type CONTENT type_arg FILENAME operator IS value [ zip 7z ace arj cab zz zipx ]
#mail filterng selector item new selector spfilterset_smtp_reject_zip_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_smtp_reject_zip_by_ext action REJECT pos 6

# REJECT SPAM (spfilterset_smtp_reject_spam)
mail filterng selector new name spfilterset_smtp_reject_spam binop AND
mail filterng selector item new selector spfilterset_smtp_reject_spam type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_reject_spam type SPAM operator IS value [ VERIFIED ]
mail filterng new selector spfilterset_smtp_reject_spam action REJECT pos 7

# Quarantine probably SPAM (spfilterset_smtp_quarantine_possibly_spam)
mail filterng selector new name spfilterset_smtp_quarantine_possibly_spam binop AND
mail filterng selector item new selector spfilterset_smtp_quarantine_possibly_spam type PROTO operator IS value [ SMTP ]
mail filterng selector item new selector spfilterset_smtp_quarantine_possibly_spam type SPAM operator IS value [ SUSPECTED ]
mail filterng new selector spfilterset_smtp_quarantine_possibly_spam action QUARANTINE pos 8

# Activate filterng and save configuration
mail filterng update
system config save


CLI Kommando Set für POP3 Proxy

Bitte wählen Sie dieses Script, wenn Sie E-Mails über den POP3 Proxy filtern.

# POP3Proxy
# Filter Virus (spfilterset_pop3_filter_virus)
mail filterng selector new name spfilterset_pop3_filter_virus binop AND
mail filterng selector item new selector spfilterset_pop3_filter_virus type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_filter_virus type VIRUS operator TRUE
mail filterng new selector spfilterset_pop3_filter_virus action FILTER pos 1

# Filter Word by MIME (spfilterset_pop3_filter_word_by_mime)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_pop3_filter_word_by_mime binop AND
mail filterng selector item new selector spfilterset_pop3_filter_word_by_mime type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_filter_word_by_mime type CONTENT type_arg MIME operator IS value [ application/msword application/vnd.openxmlformats-officedocument wordprocessingml.document application/vnd.openxmlformats-officedocument.wordprocessingml.template application/vnd.ms-word.document.macroEnabled.12 application/vnd.ms-word.template.macroEnabled.12 ]
#mail filterng selector item new selector spfilterset_pop3_filter_word_by_mime type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_pop3_filter_word_by_mime action FILTER pos 2

# Filter Excel by MIME (spfilterset_pop3_filter_excel_by_mime)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_pop3_filter_excel_by_mime binop AND
mail filterng selector item new selector spfilterset_pop3_filter_excel_by_mime type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_filter_excel_by_mime type CONTENT type_arg MIME operator IS value [ application/vnd.ms-excel application/vnd.openxmlformats-officedocument.spreadsheetml.sheet application/vnd.openxmlformats-officedocument.spreadsheetml.template application/vnd.ms-excel.sheet.macroEnabled.12 application/vnd.ms-excel.template.macroEnabled.12 application/vnd.ms-excel.addin.macroEnabled.12 application/vnd.ms-excel.sheet.binary.macroEnabled.12 ]
#mail filterng selector item new selector spfilterset_pop3_filter_excel_by_mime type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_pop3_filter_excel_by_mime action FILTER pos 3

# Filter compressed files by MIME (spfilterset_pop3_filter_zip_by_mime)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_pop3_filter_zip_by_mime binop AND
mail filterng selector item new selector spfilterset_pop3_filter_zip_by_mime type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_filter_zip_by_mime type CONTENT type_arg MIME operator IS value [ application/x-zip-compressed application/zip ]
#mail filterng selector item new selector spfilterset_pop3_filter_zip_by_mime type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_pop3_filter_zip_by_mime action FILTER pos 4

# Filter Office files by extention (spfilterset_pop3_filter_office_by_ext)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_pop3_filter_office_by_ext binop AND
mail filterng selector item new selector spfilterset_pop3_filter_office_by_ext type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_filter_office_by_ext type CONTENT type_arg FILENAME operator IN value [ doc dot docx docm dotx dotm docb xls xlsx xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
#mail filterng selector item new selector spfilterset_pop3_filter_office_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_pop3_filter_office_by_ext action FILTER pos 5

# Filter compressed files by extention (spfilterset_pop3_filter_zip_by_ext)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_pop3_filter_zip_by_ext binop AND
mail filterng selector item new selector spfilterset_pop3_filter_zip_by_ext type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_filter_zip_by_ext type CONTENT type_arg FILENAME operator IS value [ zip 7z ace arj cab zz zipx ]
#mail filterng selector item new selector spfilterset_pop3_filter_zip_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_pop3_filter_zip_by_ext action FILTER pos 6

# Quarantine SPAM (spfilterset_pop3_quarantine_spam)
mail filterng selector new name spfilterset_pop3_quarantine_spam binop AND
mail filterng selector item new selector spfilterset_pop3_quarantine_spam type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_quarantine_spam type SPAM operator IS value [ VERIFIED ]
mail filterng new selector spfilterset_pop3_quarantine_spam action QUARANTINE pos 7

# Quarantine probably SPAM (spfilterset_pop3_quarantine_possibly_spam)
mail filterng selector new name spfilterset_pop3_quarantine_possibly_spam binop AND
mail filterng selector item new selector spfilterset_pop3_quarantine_possibly_spam type PROTO operator IS value [ POP3 ]
mail filterng selector item new selector spfilterset_pop3_quarantine_possibly_spam type SPAM operator IS value [ SUSPECTED ]
mail filterng new selector spfilterset_pop3_quarantine_possibly_spam action QUARANTINE pos 8

# Activate filterng and save configuration
mail filterng update
system config save


CLI Kommando Set für Mail-Connector

Bitte wählen Sie dieses Script, wenn Sie E-Mails über den Mail-Connector zustellen.

# MAIL-Connector
# DROP Virus (spfilterset_mailconnector_drop_virus)
mail filterng selector new name spfilterset_mailconnector_drop_virus binop AND
mail filterng selector item new selector spfilterset_mailconnector_drop_virus type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_drop_virus type VIRUS operator TRUE
mail filterng new selector spfilterset_mailconnector_drop_virus action DROP pos 1

# Quarantine Word by MIME (spfilterset_mailconnector_quarantine_word_by_mime)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_mailconnector_quarantine_word_by_mime binop AND
mail filterng selector item new selector spfilterset_mailconnector_quarantine_word_by_mime type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_word_by_mime type CONTENT type_arg MIME operator IS value [ application/msword application/vnd.openxmlformats-officedocument wordprocessingml.document application/vnd.openxmlformats-officedocument.wordprocessingml.template application/vnd.ms-word.document.macroEnabled.12 application/vnd.ms-word.template.macroEnabled.12 ]
#mail filterng selector item new selector spfilterset_mailconnector_quarantine_word_by_mime type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_mailconnector_quarantine_word_by_mime action QUARANTINE pos 2

# Quarantine Excel by MIME (spfilterset_mailconnector_quarantine_excel_by_mime)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_mailconnector_quarantine_excel_by_mime binop AND
mail filterng selector item new selector spfilterset_mailconnector_quarantine_excel_by_mime type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_excel_by_mime type CONTENT type_arg MIME operator IS value [ application/vnd.ms-excel application/vnd.openxmlformats-officedocument.spreadsheetml.sheet application/vnd.openxmlformats-officedocument.spreadsheetml.template application/vnd.ms-excel.sheet.macroEnabled.12 application/vnd.ms-excel.template.macroEnabled.12 application/vnd.ms-excel.addin.macroEnabled.12 application/vnd.ms-excel.sheet.binary.macroEnabled.12 ]
#mail filterng selector item new selector spfilterset_mailconnector_quarantine_excel_by_mime type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_mailconnector_quarantine_excel_by_mime action QUARANTINE pos 3

# Quarantine compressed files by MIME (spfilterset_mailconnector_quarantine_zip_by_mime)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_mailconnector_quarantine_zip_by_mime binop AND
mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_mime type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_mime type CONTENT type_arg MIME operator IS value [ application/x-zip-compressed application/zip ]
#mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_mime type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_mailconnector_quarantine_zip_by_mime action QUARANTINE pos 4

# Quarantine Office files by extention (spfilterset_mailconnector_quarantine_office_by_ext)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_mailconnector_quarantine_office_by_ext binop AND
mail filterng selector item new selector spfilterset_mailconnector_quarantine_office_by_ext type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_office_by_ext type CONTENT type_arg FILENAME operator IN value [ doc dot docx docm dotx dotm docb xls xlsx xlt xlm xlsb xla xlam xll xlw ppt pot pps pptx pptm potx potm ppam ppsx ppsm sldx sldm pub ]
#mail filterng selector item new selector spfilterset_mailconnector_quarantine_office_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_mailconnector_quarantine_office_by_ext action QUARANTINE pos 5

# Quarantine compressed files by extention (spfilterset_mailconnector_quarantine_zip_by_ext)
# Please adjust trusted domain - this is not recommended
mail filterng selector new name spfilterset_mailconnector_quarantine_zip_by_ext binop AND
mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_ext type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_ext type CONTENT type_arg FILENAME operator IS value [ zip 7z ace arj cab zz zipx ]
#mail filterng selector item new selector spfilterset_mailconnector_quarantine_zip_by_ext type FROM operator NOTIN value [ vertrautedomain1.tld vertrautedomain2.tld ]   
mail filterng new selector spfilterset_mailconnector_quarantine_zip_by_ext action QUARANTINE pos 6

# Quarantin SPAM (spfilterset_mailconnector_quarantine_spam)
mail filterng selector new name spfilterset_mailconnector_quarantine_spam binop AND
mail filterng selector item new selector spfilterset_mailconnector_quarantine_spam type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_spam type SPAM operator IS value [ VERIFIED ]
mail filterng new selector spfilterset_mailconnector_quarantine_spam action QUARANTINE pos 7

# Quarantine probably SPAM (spfilterset_mailconnector_quarantine_possibly_spam)
mail filterng selector new name spfilterset_mailconnector_quarantine_possibly_spam binop AND
mail filterng selector item new selector spfilterset_mailconnector_quarantine_possibly_spam type PROTO operator IS value [ FETCHMAIL ]
mail filterng selector item new selector spfilterset_mailconnector_quarantine_possibly_spam type SPAM operator IS value [ SUSPECTED ]
mail filterng new selector spfilterset_mailconnector_quarantine_possibly_spam action QUARANTINE pos 8

# Activate filterng and save configuration
mail filterng update
system config save