li...@rhsoft.net:
> (yes i know it's not 100% perfect in any case)
>
> but anybody using "mime_header_checks" by one of the similar howtos out
> there should review the configuration - without \" at the end of the
> regex this is prone to false positives
Caution: MIME allows names in this context without "", as long as
those names contain no whitespace etc.
Wietse
> two examples from real world (.scr and .com wrongly rejected)
>
> * name="strace.Scripting-with-the-xss.pdf.txt"
> * filename="BOOKING.COM: Hotel 342802.PDF"
>
> i think this was the one i followed
> http://www.cyberciti.biz/tips/postfix-block-mime-attachment-files.html
> _________________________________________________
>
> cat /etc/postfix/mime_header_checks.cf
> # Reject Attachment-Extensions
> /name=[^>]*\.(386|acm|ade|adp|awx|ax|bas|bat|bin|cdf|chm|cnv|com|cpl|crt|csh|dll|dlo|drv|exe|hlp|hta|inf|ins|isp|jse|lnk|msc|msi|msp|mst|ocx|pcd|pif|pl|reg|scr|script|sct|sh|shb|shs|sys|so|tlb|vb|vbe|vbs|wiz|wll|wpc|wsc|wsf|wsh)\"/
> REJECT 554 Attachment Blocked
>
>
>
