If you implement attachment blocking with Postfix your users will be able to bypass the restriction by simply renaming the extension on the attached file.
If I was in your shoes I would look at amavisd-new. On Tue, Nov 30, 2010 at 12:12 PM, Jeroen Geilman <jer...@adaptr.nl> wrote: > On 11/30/2010 07:49 PM, Victor Duchovni wrote: >> >> On Tue, Nov 30, 2010 at 07:22:39PM +0100, Jeroen Geilman wrote: >> >> >>> >>> On 11/30/2010 04:27 PM, Gustavo Villaran wrote: >>> >>>> >>>> Hi, i just installed postfix on my company and is working fine, now the >>>> company management has asked me to >>>> implement a group security model that i dont know if i could do it in >>>> postfix, it goes like this : >>>> >>>> 1. We want to have a group of persons that can send and receive emails >>>> without restrictions >>>> >>> >>> Add them to a sender whitelist, with appropriate restrictions on the >>> client >>> IP (or set up SASL/TLS for "road warriors"). >>> Make sure to put this whitelist access map in front of any BLACKLISTS you >>> use. >>> >>> >>>> >>>> 2. We want to have a group of persons that can send and receive emails >>>> but >>>> they cannot send attachments ( based on extensions .exe, .pdf,.xls etc) >>>> >>> >>> Probably best done with a policy server. >>> >> >> Policy servers don't see message content. > > Oh drat. That's what I get for responding about $feature_not_used_here. > > A content filter would do the job, but is potentially expensive. > > > -- > J. > >