I have a header check meant to discard '.com' executables as follows [1]:
however, undesired operation was just reported[2]:
is there a way to 'improve' the expression to only block file names ending
in .com, how ?
or is there a better solution ?
[1]# grep hc2 *
header_checks:/^Content-(Disposition|Type):\s+.+?(file)?name="?.+?\.com(\.\S{2,4})?(\?=)?"?(;|$)/
REJECT hc2 ".com" file attachment types not allowed
[2]# grep hc2 /var/log/maillog
Feb 25 15:45:41 bilby postfix/cleanup[15987]: B6C3EB446F3: reject: header
Content-Type:
video/x-ms-wmv;??name="CrissAngelpullsaLadyinHalfbothhalvesAlivefromwww.metacafe.com.wmv"
from nschwmtas06p.mx.bigpond.com[61.9.189.152]; from=<lawre...@yyy.com>
to=<pe...@xxxx.com.au> proto=ESMTP helo=<nschwmtas06p.mx.bigpond.com>:
5.7.1 hc2 ".com" file attachment types not allowed
--
Voytek
