Welcome to AVAcl...

Avacl is a (one hopes) simple program which allows you to control various aspects of email scanners such as AMaViS and Inflex with a finer degree of control. Such things as per-user or per-domain relaxations of file type or name blocking, as well as enforcing total email blocking on a per-user/domain level.

Status
Avacl is currently in ALPHA development phase. It's fully functional, but may alter in it's purpose/design.

How it works
Avacl uses the following command line parameters...

avacl   -s >sender< (email address of sender)
        -r >receiver< (email address of recipient)
        -n >filename< (name of file we're testing)
        -t >filetype< (the type as returned by 'file' of the file)
        [-c >AVAcl configuration file< (default is /usr/local/avacl/avacl.conf)]
        [-v Be verbose about results]
        [-V (get the version)]
        [-h (help)]

A typical command line invokement might look like...
	avacl -s pldaniels@pldaniels.com -r joe@nowhere.co.za -n unknown.doc -t `file unknown.doc`
	

The result of the scan is available by two options.
  1. The exit-result of the avacl command line will have a bit set for each test pass/fail result as follows...(each from LSB)
    1. Type blocking
    2. Name blocking
    3. Text-content blocking
    4. Size blocking
    5. User/domain blocking
  2. By selecting the '-v' flag for Avacl, you can get a verbose resulting as follows
    	type=?:name=?:text=?:size=?:user=?
    Where '?' will be '0' if test passed and greater than 0 if it failed.

Support files Avacl requires the following support files (typically installed into /usr/local/avacl)

  • filetype.block - contains file types to block and respective comments
  • filename.block - contains file names to block and respective comments
  • filetext.block - contains file text-strings to block and respective comments
  • users.db - contains additional per-user/domain restriction relaxations or increments
  • avacl.conf - Configuration file specifying the location of the above files and various other items.

Format of users.db
The users.db file contains a single user/domain entry per line. The format of the line is as follows...

	<username/domainname>[:b][:z<kbyte-size>][:t<file type to release>][:n<file name to release>]
	
Thus, a line of...
	pldaniels.com:z9000:tEXE:njunk.bmp:nprettypark.exe:tMOV
	
gives anyone with a domain name of pldaniels.com a maximum email size limit of 9000kb, allows EXE's to pass, allows junk.bmp file to pass, allows prettypark.exe to pass and allows MOV files to pass.

In contraditction, a line as follows...

	spammers.com:b
	
will block all emails from/to spammers.com.


Licence
Avacl is licenced under a BSD style licence.

Download

Things to do

  1. Finish off documentation
  2. Create built in use of FILE command
  3. Incorporate as part of Ebola project

Contacts...
You can contact the author (Paul L Daniels) via email on pldaniels@pldaniels.com.

Other software written by Paul L Daniels...

  • Inflex - Sendmail based Bidirectional email scanner.
  • jslice - Image slicer and table generator for HTML.
  • ripMIME - MIME attachment extractor for email.
  • ebola - AV Script to AV Scanning engine bridge.
  • pppdropper - PPP line utilisation based dropper.
  • cInflex - Commercial, written in C version of Inflex (incl's ACL's).