Re: [exim] Deny MIME attachments in the acl_smtp_mime ACL

Thu, 23 Nov 2006 06:38:40 -0800 

> > I want to deny e-mail with certain MIME attachments and all 
> > the Exim examples I have found use demime.
> >
> > The current Exim documentation says that "The demime 
> > condition uses a > > simpler interface to MIME decoding 
> > than the MIME ACL functionality, but provides no additional 
> > facilities. Please note that this condition is deprecated 
> > and kept only for backward compatibility."
> >
> > If the demime condition is deprecated is it possible to do 
> > what I want to do in the acl_smtp_mime ACL?
> 
> Yes. Probably¹. Some things take more text in the 
> configuration file though (that's the price of generalisation 
> and flexibility).
> 
> What exactly is it you want to do (there are many possible 
> criteria for rejection)?
> 
> The most common thing to do (probably), denying attached 
> files with certain extensions, can be done thusly:
> 
>   deny    condition = ${if match \
>                          {${lc:$mime_filename}} \
>                          {[.](bat|com|exe|pif|prf|scr|vbs|lnk|cpl)\$}}
>           message = Attached file '$mime_filename' has 
> disallowed extension.
> 
> It was recently discussed whether Windows or some Windows 
> applications treat one or more spaces between the final dot 
> and the real extension as if they didn't exist. It probably 
> doesn't hurt to change the third line above to:
> 
>                          {[.] 
> *(bat|com|exe|pif|prf|scr|vbs|lnk|cpl)\$}}
> 
> ¹ Exactly what errors $demime_errorlevel reflect and how to 
> check for the same errors without demime is badly documented, 
> but most of those checks rarely hit anything anyway.

Thanks for this.

I used this information to create the acl_smtp_mime ACL but it took me a bit of 
research to find that I needed to use decode in order to get the mime_filename 
variable created.

The following lines were added to the config file:


acl_smtp_mime = check_mime


check_mime:

# Decode MIME parts to disk.
        warn    decode          =       default

        deny    condition       =       ${if match {${lc:$mime_filename}} \
                                        {[.] *(gif|jpg|jpeg|png)\$}}
                message         =       Attached '$mime_filename' file has 
disallowed extension!

        Accept


Thanks for you help.


Paul Mcilfatrick

-- 
## List details at http://www.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/

Reply via email to