On Thu, Mar 17, 2016 at 1:46 PM, Dino Edwards <dino.edwa...@mydirectmail.net > wrote:
> While users surf the Internet? So, not coming through e-mail? > > > Your point is OK. But, I am afraid that an attacker sends emails to our domain with those attachment, I want my mail filer to block it. I want to take an action for it in the future comments? , > *From:* amavis-users [mailto:amavis-users-bounces+dino.edwards= > mydirectmail....@amavis.org] *On Behalf Of *Indunil Jayasooriya > *Sent:* Thursday, March 17, 2016 1:10 AM > *To:* amavis-users@amavis.org > *Subject:* block a particular double extension files in amavisd.conf > > > > Hi, > > I want to block files having double extensions. while users surf internet, > some files such as* e7ea.tmp.exe* will be automatically downloaded. > > > e7ea.tmp.exe is a ransomware. Attackers can send mails with files of these > types as well. > > Now, I want to block files having double extension such as filenames > *.tmp.exe* format. > > > > I think below regex is OK to insert in to amavisd.conf file. > > > *qr'.\.(tmp)\.exe$'i, * # block this double extension > > any comment? > > > > -- > > cat /etc/motd > > Thank you > Indunil Jayasooriya > http://www.theravadanet.net/ > http://www.siyabas.lk/sinhala_how_to_install.html - Download Sinhala > Fonts > -- cat /etc/motd Thank you Indunil Jayasooriya http://www.theravadanet.net/ http://www.siyabas.lk/sinhala_how_to_install.html - Download Sinhala Fonts