On Thursday 27 September 2001 13:30, you wrote:
>
> I also want to share to PLUGgers my PCRE expression for postfix. I just got
> this from somewhere.
> Ako na lang ang nagdagdag ng mga extensions. And aside from my body_checks,
> I have
> amavis-perl and sophos installed. Bury McAfee, it's slow.
>
> /^(Content-(Type|Disposition):.*|\s*(file)?)name=("[^"]*|\S*)\.exe|com|chm|
>h ta|jse|reg|shb|shs|vbe|vbs|vxd|scr|pif|bat|lnk|dll|vbs|js)\b/ REJECT
>
> And if you (PLUGger) know of any other malicious attachment, do share the
> extension.
> I know, this expression is too much but we have what we call security
> policy in b&w.
>
> Oniehi there onie, just some additional info: please also note that to be trully effective, you have to test your setup with different email clients (e.g. netscape mail, eudora, kmail, m$ lookout). some email clients encode attachments in a different manner. hth, -eric -- �.--. �Enrique D. Rosel II � � � � � � � � � � office://+63.2.894.3592/ ( () ) Q Linux Solutions, Inc. �`--\\ A Philippine Open Source Solutions Co. �http://www.q-linux.com/ _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
