CK_beats
I have noticed this aswell with clients using Outlook and Mailbird, I have taken a look at mime_types.conf which has not been updated for over a year now and have reason to believe that if some attachments are not listed in this file they can be flagged with a high spam score and certain recipients can reject the files
Outlook (and similar clients like Mailbird) fail with attachments because of MIME type handling. I’ll also explain why we changed each entry in your mime_types.conf.
###############################################################################
# MIME Types configuration for Rspamd
# Compatible with Outlook, Mailbird, Thunderbird, and other major email clients
###############################################################################
# Extensions treated as potentially dangerous
# Number is spam/virus score multiplier
bad_extensions = {
apk = 4,
appx = 4,
appxbundle = 4,
bat = 20,
cab = 20,
cmd = 20,
com = 20,
dmg = 8,
exe = 20,
jar = 12,
jnlp = 12,
js = 12,
jse = 12,
lnk = 20,
mjs = 12,
msi = 12,
msix = 12,
msixbundle = 12,
ps1 = 12,
scr = 20,
sct = 20,
vb = 20,
vbe = 20,
vbs = 20,
py = 12,
reg = 12,
};
# Extensions allowed in archives
archive_extensions = {
zip = 1,
rar = 1,
tar = 1,
gz = 1,
7z = 1,
};
# Dangerous files inside archives (high penalty)
bad_archive_extensions = {
bat = 12,
cmd = 12,
exe = 20,
jar = 12,
js = 12,
vbs = 20,
msi = 12,
};
# Forbidden MIME types
forbidden_type {
application/x-msdownload = 1;
application/x-executable = 1;
application/x-dosexec = 1;
application/x-bat = 1;
application/x-cmd = 1;
application/javascript = 1;
application/x-javascript = 1;
application/x-sharedlib = 1;
application/java-archive = 1;
application/x-msi = 1;
application/x-iso9660-image = 1;
# Safe MIME types that Outlook sometimes mislabels
application/octet-stream = 0; # critical: allows generic binaries like zip, docx, pdf
application/x-zip-compressed = 0; # critical for Outlook/Mailbird to attach zip files
};
# Explicitly allowed extensions with minimal penalty
allowed_extensions {
pdf = 0.1;
doc = 0.1;
docx = 0.1;
xls = 0.1;
xlsx = 0.1;
csv = 0.1;
txt = 0.1;
zip = 0.5;
rar = 0.5;
7z = 0.5;
# Common image formats
png = 0.1;
jpg = 0.1;
jpeg = 0.1;
gif = 0.1;
};
# Optional: low-risk penalty for archives containing allowed files
archive_penalty_safe = 0.5
| Setting | Default Mailcow | Updated | Reason / Impact |
|---|
bat, cmd, exe | bat=8, cmd=8, exe=20 | all higher (bat=20, cmd=20, exe=20) | Stronger penalty for dangerous scripts |
jar, jnlp, js, msi | jar=8, jnlp=8, js=8, msi=4 | jar=12, jnlp=12, js=12, msi=12 | Catches risky binaries/scripts in attachments |
application/octet-stream | forbidden=0.0 | forbidden=0 | Allows Outlook to attach files that are mislabeled as octet-stream (zip, docx, pdf) |
application/x-zip-compressed | forbidden=0.0 | forbidden=0 | Fixes Outlook/Mailbird zip attachment issues |
| Images | not explicitly listed | png/jpg/jpeg/gif allowed | Avoids false positives for common image attachments |
| Archive extensions | tar, gz | zip, rar, tar, gz, 7z | Ensures safe handling of common compressed files |
Using the mime_type.conf code above save it in /docker/mailcow/data/conf/rspamd/local.d/mime_types.conf
Check the config Syntax: docker exec -it rspamd-mailcow-1 rspamadm configtest
Reload rspamd: docker exec -it rspamd-mailcow-1 rspamadm reload
Or you can just reload the container: docker compose restart rspamd-mailcow
It’s a battle and half, now at the point I am away to lose a client I have had for the past 2 years as a result of this. This is my last attempt to reignite, a happy round table meetings. Mailcow has so much potential in breaking away from the big mail services.
