On Sat, 27 Sep 2003, Pim Bliek wrote:With postfix 2.x you can do mime_header_checks for "dangerous extensions" in the Content-Type/Content-Disposition and body_checks for the "MS executable MIME fingerprint"
I get the virii with 3 different content-types:But how do you filter them out using postfix?
application/x-msdownload,audio/x-wav,audio/x-mid
so, just exe doesnt seem to cover it.
Pim
I was commenting that you can not just check on .exe becasue the virus is not just in .exe files. I was suggesting to check the message body for this line. I do not know about postfix. sorry. -K
http://sbserv.stahl.bau.tu-bs.de/~hildeb/postfix/postfix_sobigf.shtml
I'm running 1.x, so I only do body_checks.
I feel like I'm in a bit of a delima there though, because I want my gateway mail server to be stable and supported by the security team, but I want the newer features of the later versions so I can make better inbound SMTP decisions. Same goes if I chose to use exim, I'd want v4.
Jacob
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
