On Sep 18, 2014, at 7:45 AM, terrygalant.li...@fastest.cc wrote: > I've been reading the discussion here and the various approaches to blocking > extensions > > I'd gotten this from a friend awhile ago, and have been using it > > With > > postfix_header_checks = pcre:/path/to/custom_header_checks > smtpd_sasl_authenticated_header = yes > > cat /path/to/custom_header_checks > ... > /filename=\"?(.*)\.(exe|vbe)\"?$/ > REJECT attachment type forbidden > /^\s*Content-(Disposition|Type).*name\s*=\s*"?(.+\.(exe|vbe))"?\s*$/ > REJECT attachment type (File "$2", Extension "$3") forbidden > ... > > seems to work fine > > <t...@xxx.com >: host mx.yyy.com[##.##.##.##] said: > 550 5.7.1 REJECT attachment type forbidden (in reply to end of DATA > command) > > Just checking -- is there any reason NOT to keep doing it this ^^ way? > >
I don’t necessarily trust just the extension of the filename. I’d also look at the file’s magic (same as the OS does) as well as the content-type. Can’t be too thorough. -Philip
