Jordi, > ¿Is it possible to make a policy bank which permit the domain users to > send .exe-like file but doesn't receive them?
It is possible to have a policy bank to install its own set of banning rules, which allows for example for mail originating from inside to have less strict banning rules than incoming mail. Search for %banned_rules and banned_filename_maps in RELEASE_NOTES. See also: http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks and examples there. Here is another example: %banned_rules = ( 'ALLOW_EXE' => # pass executables except if name ends in .vbs .pif .scr .bat new_RE( qr'.\.(vbs|pif|scr|bat)$'i, [qr'^\.exe$' => 0] ), 'NO-VIDEO' => new_RE( qr'^\.movie$', qr'.\.(asf|asx|mpg|mpe|mpeg|avi|mp3|wav|wma|wmf|wmv|mov|vob)$'i, ), 'NO-MOVIES' => new_RE( qr'^\.movie$', qr'.\.(mpg|avi|mov)$'i, ), 'DEFAULT' => $banned_filename_re, ); @mynetworks = qw( ... ); # list your internal networks here $policy_bank{'MYNETS'} = { # mail originating from @mynetworks banned_filename_maps => ['ALLOW_EXE,DEFAULT'], }; > Afer all my last goal is make not permit the .exe-like file traffic in > any direction (inbound/outbound) by default but permit the outbound in > only few accounts. ¿Can I do it? MTA will need to map these privileged accounts to a content filter port number, so that you could assign appropriate policy bank to it. The simplest would be to provide a separate smtpd postfix service for them (with its own -o content_filter setting), accessible only to these authorized accounts. Or perhaps a combination of check_sender_access with a FILTER, combined with an access restriction based on client's IP address or SASL authorization) could be used. Mark ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
