[EMAIL PROTECTED] wrote:

On Sat, 27 Sep 2003, Pim Bliek wrote:



I get the virii with 3 different content-types:
application/x-msdownload,audio/x-wav,audio/x-mid
so, just exe doesnt seem to cover it.


But how do you filter them out using postfix?

Pim



I was commenting that you can not just check on .exe becasue the virus is not just in .exe files. I was suggesting to check the message body for this line. I do not know about postfix. sorry. -K




With postfix 2.x you can do mime_header_checks for "dangerous extensions" in the Content-Type/Content-Disposition and body_checks for the "MS executable MIME fingerprint"

http://sbserv.stahl.bau.tu-bs.de/~hildeb/postfix/postfix_sobigf.shtml

I'm running 1.x, so I only do body_checks.

I feel like I'm in a bit of a delima there though, because I want my gateway mail server to be stable and supported by the security team, but I want the newer features of the later versions so I can make better inbound SMTP decisions. Same goes if I chose to use exim, I'd want v4.

Jacob




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]




Reply via email to