[lug] Postfix and the latest MSTD
bdoctor at ps-ax.com
bdoctor at ps-ax.com
Wed Jan 28 09:31:07 MST 2004
I'd use Anomy for this - works great. Here is a snippet from it's
configuration file:
# Delete executable, script and unscannable attachments:
file_list_1 = (?i)(winmail\.dat
file_list_1 += |\.([23]86|vb[se]|jse|cpl|crt|chm|cpl|in[fsi]
file_list_1 += |isp|dll|drv|cmd|sc[rt]|sys|bat|pif|lnk|hlp
file_list_1 += |ms[cip]|reg|asd|sh[bs]|app|ocx|ht[ta]|mht
file_list_1 += |url|exe|ws[cfh]|ops|com|prx|zip))\s*
file_list_1_policy = drop
file_list_1_scanner = 0
http://mailtools.anomy.net/
Integrates with Postfix very neatly.
-brad
> Is anyone else running Postfix? Have you set up your checks to
> reject any message containing a .zip attachment?
>
> I did... and now I'm getting an error message from Postfix on a
> failed session for every attempted infection. It's very annoying.
> I'm fairly confident it's not a problem in my scripts since I
> don't get this behavior when rejecting other types of attachments.
>
> So I'm 99% certain this is just more proof of Quality Viral
> Programming(tm) - it gets the 4xx code and shits all over the SMTP
> connection drawing attention to itself. But I'm not 100% certain
> unless others reprt similiar experiences....
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>
--
Brad Doctor, CISSP
More information about the LUG
mailing list