Am 16.09.2014 um 21:42 schrieb Viktor Dukhovni <postfix-us...@dukhovni.org>:
> On Tue, Sep 16, 2014 at 09:28:11PM +0200, li...@rhsoft.net wrote: > >>> # block windows executables PCRE >>> /^\s*Content-(?:Disposition|Type): # Header label >>> (?:.*?;)? \s* # Any prior attributes >>> (?:file)?name\s*=\s*"? # name or filename >>> ( # Capture name for response >>> .*?(\.|=2E) # File basename and "." >>> (ade|adp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|hlp|hta| >>> inf|ins|isp|js|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws| >>> ops|pcd|pif|prf|reg|scf|scr|sct|shb|shs|shm|swf| >>> vb|vbe|vbs|vbx|vxd|wsc|wsf|wsh) # Capture risky extensions >>> ) # Close capture >>> (?:\?=)? # Trailer of ad-hoc RFC 2047 >>> encoding >>> "? # Optional close quote >>> \s*(;|$) # End of attribute or header >>> /x >>> >>> [ untested ] >> >> thanks! >> >> interesting - none of both blocking a empty textfile renamed to "test.exe" >> i have all 3 for now enabled and the 3rd one rejects (Thunderbird as MUA) > > That's because Postfix does not support in-line comments in PCRE > patterns. The multi-line pattern is unfolded first, and the first > comment gobbles up all the remaining text. If you strip all the > comments: > > $ postmap -q 'Content-Type: name="test.exe.txt"; charset=us-ascii' > pcre:/tmp/foo.pcre > $ postmap -q 'Content-Type: name="test.exe"; charset=us-ascii' > pcre:/tmp/foo.pcre > REJECT blocked filename test.exe > > With /tmp/foo.pcre containing: > > # block windows executables PCRE > /^Content-(?:Disposition|Type): > (?:.*?;)? \s* > (?:file)?name \s* = \s*"? > ( > .*?(\.|=2E) > (ade|adp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|hlp|hta| > inf|ins|isp|js|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws| > ops|pcd|pif|prf|reg|scf|scr|sct|shb|shs|shm|swf| > vb|vbe|vbs|vbx|vxd|wsc|wsf|wsh) > ) > (?:\?=)? > "? > \s*(;|$) > /x REJECT blocked filename ${1} > > -- > Viktor. I just wanted to give this a try, but it seems I have done something wrong. I copied the comment-free version to a pcre-table-file and gave it a try, but Postfix now tells me this in the logs: postconf -c $PWD mime_header_checks mime_header_checks = pcre:${map}/mime_header_checks.pcre Sep 17 09:51:15 mx postfix-submission/cleanup[23573]: warning: pcre map /etc/postfix-submission/maps/mime_header_checks.pcre, line 14: no closing regexp delimiter "/": ignoring this rule Sep 17 09:51:15 mx postfix-submission/cleanup[23573]: warning: pcre map /etc/postfix-submission/maps/mime_header_checks.pcre, line 16: no closing regexp delimiter "/": ignoring this rule postconf -c $PWD mime_header_checks mime_header_checks = pcre:${map}/mime_header_checks.pcre cat maps/mime_header_checks.pcre # block windows executables PCRE /^Content-(?:Disposition|Type): (?:.*?;)? \s* (?:file)?name \s* = \s*"? ( .*?(\.|=2E) (ade|adp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|hlp|hta| inf|ins|isp|js|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws| ops|pcd|pif|prf|reg|scf|scr|sct|shb|shs|shm|swf| vb|vbe|vbs|vbx|vxd|wsc|wsf|wsh) ) (?:\?=)? "? \s*(;|$) /x REJECT blocked filename ${1} Or do I have to make this all become one line? It’s on Postfix 2.12_pre20140907 Kind regards Christian -- Bachelor of Science Informatik Erlenwiese 14, 36304 Alsfeld T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345 USt-IdNr.: DE225643613, http://www.roessner-network-solutions.com
smime.p7s
Description: S/MIME cryptographic signature