On 10/1/2014 7:32 AM, Deeztek Support wrote: > On 10/1/2014 8:16 AM, Mark Martinec wrote: >> Deeztek Support, >> >>> According to the amavis docs, amavis checks MIME types of decoded >>> mail >>> parts where the content classifications are provided by a file(1) >>> utility. >> >> Not really. The MIME type is obtained directly from a Content-Type >> header or sub-header field of each mail part. >> >> The file(1) utility is called without its -i option. The resulting >> string is mapped through @map_full_type_to_short_type_re to obtain >> a file extension. MIME type as checked by banning rules does not >> come from the file(1) utility. >> >> Mark >> > > Thanks for the info Mark. So, there is no easy way to add new MIME > types in amavis for use in banning rules?
You can easily add any mime-type to the $banned_filename_re or $banned_namepath_re lists. But keep in mind the mime-type is declared by the sending mail client and can be set wrong, either by buggy software or an attacker. Amavis does not "normalize" the mime-type. As a general rule, using the file extension as determined by file(1) and @map_full_type_to_short_type_re is more reliable for blocking specific file types since it doesn't depend on information provided by the client. -- Noel Jones