Ralf Hildebrandt put forth on 11/3/2009 8:32 AM:
> * Stan Hoeppner <[email protected]>:
>
>> Anyone have a filter they'd like to share that rejects mail at smtp
>> based on known malicious attachment file types?
>
> Of course .)
>
> mime_header_checks:
>
> /name=\"(.*)\.(386|bat|chm|cpl|cmd|com|do|exe|hta|jse|lnk|msi|ole)\"$/
> REJECT Unwanted attachment/Unerwuenschter Anhang $1.$2 --
> http://webmail.charite.de/doku/faq/#3
>
> /name=\"(.*)\.(pif|reg|rm|scr|shb|shm|shs|sys|vbe|vbs|vxd|xl|xsl)\"$/
> REJECT Unwanted attachment/Unerwuenschter Anhang $1.$2 --
> http://webmail.charite.de/doku/faq/#3
Thanks Ralf. Is smtpd_recipient_restrictions the appropriate place to
put mime_header_checks, like this?
smtpd_recipient_restrictions =
mime_header_checks = pcre:/etc/postfix/mime_header_checks
/etc/postfix/mime_header_checks
/name=\"(.*)\.(386|bat|chm|cpl|cmd|com|do|exe|hta|jse|lnk|msi|ole)\"$/
REJECT Unwanted attachment $1.$2
/name=\"(.*)\.(pif|reg|rm|scr|shb|shm|shs|sys|vbe|vbs|vxd|xl|xsl)\"$/
REJECT Unwanted attachment $1.$2
BTW, I can't tell--are these regexp or pcre format?
--
Stan
