On Tue, Sep 16, 2014 at 09:28:11PM +0200, li...@rhsoft.net wrote: > > # block windows executables PCRE > > /^\s*Content-(?:Disposition|Type): # Header label > > (?:.*?;)? \s* # Any prior attributes > > (?:file)?name\s*=\s*"? # name or filename > > ( # Capture name for response > > .*?(\.|=2E) # File basename and "." > > (ade|adp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|hlp|hta| > > inf|ins|isp|js|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws| > > ops|pcd|pif|prf|reg|scf|scr|sct|shb|shs|shm|swf| > > vb|vbe|vbs|vbx|vxd|wsc|wsf|wsh) # Capture risky extensions > > ) # Close capture > > (?:\?=)? # Trailer of ad-hoc RFC 2047 > > encoding > > "? # Optional close quote > > \s*(;|$) # End of attribute or header > > /x > > > > [ untested ] > > thanks! > > interesting - none of both blocking a empty textfile renamed to "test.exe" > i have all 3 for now enabled and the 3rd one rejects (Thunderbird as MUA)
That's because Postfix does not support in-line comments in PCRE patterns. The multi-line pattern is unfolded first, and the first comment gobbles up all the remaining text. If you strip all the comments: $ postmap -q 'Content-Type: name="test.exe.txt"; charset=us-ascii' pcre:/tmp/foo.pcre $ postmap -q 'Content-Type: name="test.exe"; charset=us-ascii' pcre:/tmp/foo.pcre REJECT blocked filename test.exe With /tmp/foo.pcre containing: # block windows executables PCRE /^Content-(?:Disposition|Type): (?:.*?;)? \s* (?:file)?name \s* = \s*"? ( .*?(\.|=2E) (ade|adp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|hlp|hta| inf|ins|isp|js|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws| ops|pcd|pif|prf|reg|scf|scr|sct|shb|shs|shm|swf| vb|vbe|vbs|vbx|vxd|wsc|wsf|wsh) ) (?:\?=)? "? \s*(;|$) /x REJECT blocked filename ${1} -- Viktor.