-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Keld J�rn Simonsen wrote:
> How can you stop the virus flooding in cooker?
>
> I would like to just stop all mail with some selected
> set of attachments like .pif and .exe - how is this doable, and is it
> standard in the MTA?
>
With header checks enabled in postfix (ie "header_checks =
regexp:/etc/postfix/header_checks" in main.cf), something like this in
the header checks file (in this case /etc/postfix/header_checks) should
work (minimally tested, we had something similar in production, but this
was fished off /. today):
/^Content-(Type|Disposition):.*(file)?name=.*\.(asd|bat|chm|cmd|dll|exe|hlp|hta|jse|lnk|ocx|pif|scr|shb|shm|shs|vb|vbe|vbs|vbx|vxd|wsf|wsh)/REJECT
Sorry, we do not accept .${3} file types.
(all on one line)
> Would be nice to announce 9.2 with the ability to just ignore virus like
> this.
>
> And the MTA should not snd any messages back when this is done, as the
> sender most likely is not the real sender.
This just gives an SMTP error message, which may result in the sending
SMTP client to return the mail. But it's not good practise to return a
good return code when not delivering mail, our users will ask why they
send mail and it never arrives ...
> And please, no mail to the root on the current mail system.
> I had a system with 500 MB for /var but it was filled up in
> less than a day with error messages on sobit.f to root.
You should alias root to a real user, since postfix refuses to use
procmail when delivering as root, and the default procmail setup will
reject mail once 50MB is reached on the mail spool.
> Could the standard MTA be set up to do something reasonable defaults
> in 9.2?
IMHO, intrusive defaults (like a default header check) should only be
done if there is a config tool which can modify them.
Regards,
Buchan
(waiting for drakmailserver)
- --
|--------------Another happy Mandrake Club member--------------|
Buchan Milne Mechanical Engineer, Network Manager
Cellphone * Work +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering http://www.cae.co.za
GPG Key http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/Sm93rJK6UGDSBKcRAhgqAJ9mPfag1PcywwihcPvlyiALht65MACeMtv1
cWMz/ebRu9/l1vMBhxlVac4=
=zxHX
-----END PGP SIGNATURE-----
*****************************************************************
Please click on http://www.cae.co.za/disclaimer.htm to read our
e-mail disclaimer or send an e-mail to [EMAIL PROTECTED] for a copy.
*****************************************************************
