English
Chinese (Simplified)
French
German
Italian
Japanese
Russian
Spanish
Vietnamese
Content filter - Run program
-
If I set a rule with "run program" this is executed in background or in the log I try "Process executed" but the program doesn't start.
-
Arron Staff
How do you know the program is not starting?
Are there any errors in MDaemon's system log?
Are there any errors in the Windows Event log?
Does the user that the MDaemon service is running as have permissions to start programs?
Can you post the content filter log shippet that shows all the CF processing for that message?
Can you post the CF Rule from the cfrules.dat file?
-
I'm really sorry but I was desperate! I've been trying to make the rule work for 2 days and today it suddenly works! Before I inserted "run program" as an additional operation of an existing rule while today I tried to create a rule only with the "run program" operation and it works! Arron, thank you very much for responding very kindly and professionally to my request which, in fact, was very little detailed.
-
Arron Staff
I'm sorry to hear that it took you days, but I'm glad that you got it working.
What was the action you had running before "run program"?
-
If the FROM HEADER contains ...
...then copy this message to ... (I've removed this line)
and run program C:\WINDOWS\system32\mstsc.exe
-
If the FROM HEADER contains ...
...then skip net n rules ... (before I tried also with this rule)
and run program C:\WINDOWS\system32\mstsc.exe
In a previous moment I added the "run program" to rules that I've created before, when I've created a new rule with only the line "run program" then worked.
-
Arron Staff
I wasn't able to reproduce an issue with any of the actions causing the "run program" action to not actually be executed in MDaemon 24.0.0. What version are you using?
Can you post the actual rule from the cfilter.ini file so that I can test with it?
-
Can you wait till monday? Now I'm not at work.
-
Arron Staff
No problem. It'll likely be Tuesday before I respond, we are closed Monday for our Memorial Day. Enjoy your weekend.
-
Version 23.5.3
I tryed to reproduce the issue but in all rules I set "run program" this works now!
I can't understand why or what I did but now it works.
This is cfilter.ini:
[SpamFilter]
AutoWhiteList=No
SpamLearnAddress=SpamLearn@
HamLearnAddress=HamLearn@
UseHeuristics=Yes
InlineSMTP=Yes
UseInlineResults=Yes
RefuseOnError=No
SpamAction=Flag
SendSpamReport=No
RefusalThreshold=12.0
AutoFilter=No
SkipLocal=Yes
SkipTrusted=Yes
SortEntries=No
MaxSize=0
EnableLearning=No
LearnInBackground=Yes
CheckAddrBook=Yes
VerifyAddrBook=Yes
UpdateAddrBook=No
UpdateHamFolder=No
[VirusScanner]
Action=4
DisableAVGUI=Yes
Enabled=No
EngineVersion=IKARUS Scan.Server 6.2.4.0
EngineDate=
DBCount=106701
DBLastUpdate=2024-01-15 19:17:16
Restart=No
ForegroundScan=No
IgnoreSuspicious=No
QuarantinePath=D:\MDAEMON\CFILTER\QUARANT\
MsgQuarantinePath=D:\MDAEMON\CFILTER\QUARANT\
AddFooter=Yes
AddFooterNonScanned=Yes
QuarantineNonScan=Yes
ExcludeGateways=No
InlineSMTP=No
ExemptPassProtected=Yes
InfectedSubjectPrepend=
NonScannedSubjectPrepend=
FooterFile=D:\MDaemon\APP\cfvirwrn.dat
NonScannedFooterFile=D:\MDaemon\APP\cfnonscanwrn.dat
UseCyrenAV=No
UseClamAV=Yes
SkipTrustedIPs=No
[ContentFilter]
EnableAll=Yes
SkipIfDigSig=No
NoForeignNotifications=No
FilterForwardedMail=No
MaxPFMessageAge=0
DeleteQuarantinedFiles=No
DeleteQuarantinedMsgs=No
DeleteRestrictedAttachments=No
PruneFilesMaxDaysOld=0
PruneMsgsMaxDaysOld=0
PruneRestrictMaxDaysOld=0
[Compression]
UnzipInbound=No
UnzipInboundLocal=No
ZipOutbound=No
ZipOutboundLocal=No
ZipToExe=No
UseFixedArchiveName=No
GetZipContents=Yes
FixedArchiveName=Archive
MinZipRatio=25
MinAttachmentSize=50
ZipLevel=1
MaxZipContentsRecurse=5
ExtractWinmailDat=No
[NotifySenderAttachmentRemoved]
Enabled=No
Subject=MDaemon Notification - Restricted Attachment Found
[NotifyRecipientAttachmentRemoved]
Enabled=Yes
Subject=MDaemon Notification - Restricted Attachment Found
[NotifyAdminAttachmentRemoved]
Enabled=Yes
Subject=MDaemon Notification - Restricted Attachment Found
[NotifySenderVirusFound]
Enabled=No
Subject=MDaemon Warning - Virus Found
[NotifyRecipientVirusFound]
Enabled=No
Subject=MDaemon Warning - Virus Found
[NotifyAdminVirusFound]
Enabled=Yes
Subject=MDaemon Warning - Virus Found
[NotifyAVUpdate]
Enabled=Yes
Subject=AV Update: $AV_UPDATER_RESULT$ - $MACHINENAME$ - $CURRENTTIME$
OnlyOnFailure=Yes
[NotifySAUpdate]
Enabled=Yes
Subject=SF Update: $MACHINENAME$ - $CURRENTTIME$
[NotificationFrom]
FromPostmaster=Postmaster@$PRIMARYDOMAIN$
[RestrictedAttachments]
Quarantine=Yes
QuarantinePath=D:\MDAEMON\CFILTER\QUARANT\
Action=4
MsgQuarantinePath=D:\MDAEMON\CFILTER\QUARANT\
AddFooterAttachRemoved=Yes
AttachRemovedSubjectPrepend=
[SpamHoneypots]
Enable=Yes
DynamicScreen=Yes
[SpamAssassin]
AutoUpdate=Yes
SACommandLine=
LogSAUpdate=No
[SpamD]
Host=127.0.0.1
Port=783
MaxChildren=4
MaxConnectionsPerChild=10
PingInterval=30
ListenIP=<all>
AllowIPs=127. 10.
Extra=
ShowWindow=No
LocalOnly=Yes
[NotifyAVDefinition]
Subject=Avviso MDaemon AntiVirus - Definizioni virus scadute
[Administrators]
Admin1=xxx@yyy.zzz
-
Arron Staff
I'm glad its working for you now. Please let us know if you start having issues again.
-
Sure. Thank you very much for your help.
