I've been reading the discussion here and the various approaches to blocking
extensions
I'd gotten this from a friend awhile ago, and have been using it
With
postfix_header_checks = pcre:/path/to/custom_header_checks
smtpd_sasl_authenticated_header = yes
cat /path/to/custom_header_checks
...
/filename=\"?(.*)\.(exe|vbe)\"?$/
REJECT attachment type forbidden
/^\s*Content-(Disposition|Type).*name\s*=\s*"?(.+\.(exe|vbe))"?\s*$/
REJECT attachment type (File "$2", Extension "$3") forbidden
...
seems to work fine
<[email protected] >: host mx.yyy.com[##.##.##.##] said:
550 5.7.1 REJECT attachment type forbidden (in reply to end of DATA
command)
Just checking -- is there any reason NOT to keep doing it this ^^ way?
