Am 04.10.17 um 21:41 schrieb Michael Fox: > The example provided in /usr/share/doc/mimedefang shows a very long list > of extensions to be rejected.
I am mainly not blocking by filename extensions, but by content. I am blocking: - Files with contents beginning with "MZ" (DOS EXE); - the same inside ZIP files; - the same inside ZIP files inside ZIP files :-) - short or broken ZIP files; - encrypted ZIP files with $name=~/\.(?:com|exe|bat|pif|scr|vbs|hta|cpl|js)$/i as member; - zip files with *.js as member; - several well-known spam or virus file names like Rechnung.rar etc. Also I have built in a sqlite DB where several other conditions (HELO string, unknown recipient rate per IP,...) are tracked for delaying or refusing certain connections. Thanks for that great and highly customizable software, which reduces the spam and malware amount for years now! best regards, Frank _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang