On 16 Sep 2013, at 12:26, Larry Stone wrote: > > On Sep 16, 2013, at 6:01 AM, Rowland Onobrauche <[email protected]> > wrote: > >> >> On 16 Sep 2013, at 11:38, Wietse Venema wrote: >> >>> Rowland Onobrauche: >>>> I am currently using mime_header_checks to block certain attachments >>>> with such a string - /name=[^>]*\.(scr|pif|bat|exe|dll|vbs)/ REJECT >>>> This however does not stop me from receiving 100s of exes and other >>>> suspect attachments - which are being blocked by mailscanner, >>>> however, i want these blocking at the smtp transaction stage. Can >>>> anyone suggest a better way of doing this, so that the checks are >>>> successful at smtp transaction? >>> >>> You made a configuration error. Unfortunately, I am not telepathic. >>> >>> Wietse >> >> Not very helpful. >> Does anyone else have any advice on this? > > > Per the message you received when you subscribed to this list, > TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail > > We're not mindreaders and if you do not provide the information requested, we > can't tell you what you did wrong. > > -- > Larry Stone > [email protected] > http://www.stonejongleux.com/ > > >
Postfix config postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 disable_vrfy_command = yes header_checks = regexp:/etc/postfix/header_checks html_directory = no inet_interfaces = localhost, $myhostname inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 15728640 mime_header_checks = regexp:/etc/postfix/mime_header_checks mydestination = $myhostname, localhost.$mydomain, localhost mydomain = xx.uk myhostname = xx.uk mynetworks = 127.0.0.1, x.x.x.x.33 mynetworks_style = host newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES relay_domains = hash:/etc/postfix/relay_domains.cf sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_banner = $myhostname smtpd_client_restrictions = reject_unknown_client, check_client_access regexp:/etc/postfix/client_restrictions smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_helo_restrictions = check_helo_access hash:/etc/postfix/access_helo, permit_mynetworks, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, permit smtpd_recipient_restrictions = permit_mynetworks, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client smtp.dnsbl.sorbs.net, reject_rbl_client web.dnsbl.sorbs.net, reject_rbl_client nomail.rhsbl.sorbs.net, reject_rbl_client http.dnsbl.sorbs.net, reject_rbl_client pbl.spamhaus.org, reject_rbl_client psbl.surriel.com, reject_rbl_client zombie.dnsbl.sorbs.net, whitelist_policy, permit smtpd_restriction_classes = whitelist_policy, smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_invalid_hostname, reject_unknown_sender_domain, permit strict_rfc821_envelopes = no transport_maps = hash:/etc/postfix/transports.cf unknown_local_recipient_reject_code = 550 virtual_alias_maps = hash:/etc/postfix/virtual cat mime_header_checks /name=[^>]*\.(scr|pif|bat|exe|dll|vbs)/ REJECT
