On 9/16/2013 6:41 AM, Rowland Onobrauche wrote: > > Postfix config > > postconf -n > smtpd_recipient_restrictions = permit_mynetworks, reject_invalid_hostname, > reject_non_fqdn_hostname, reject_non_fqdn_sender, > reject_non_fqdn_recipient, reject_unknown_sender_domain, > reject_unknown_recipient_domain, reject_unauth_pipelining, > reject_unauth_destination, reject_rbl_client bl.spamcop.net, > reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client > dul.dnsbl.sorbs.net, reject_rbl_client smtp.dnsbl.sorbs.net, > reject_rbl_client web.dnsbl.sorbs.net, reject_rbl_client > nomail.rhsbl.sorbs.net, reject_rbl_client http.dnsbl.sorbs.net, > reject_rbl_client pbl.spamhaus.org, reject_rbl_client psbl.surriel.com, > reject_rbl_client zombie.dnsbl.sorbs.net, whitelist_policy, permit
I'm wondering the purpose of "whitelist_policy, permit". That's far too late in processing for a whitelist. > > cat mime_header_checks > /name=[^>]*\.(scr|pif|bat|exe|dll|vbs)/ REJECT Your expression is broken. There's an excellent example on the header_checks(5) man page. Note this is PCRE and not regexp. http://www.postfix.org/header_checks.5.html /etc/postfix/header_checks.pcre: /^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)( ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe| hlp|ht[at]| inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws| \{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}| ops|pcd|pif|prf|reg|sc[frt]|sh[bsm]|swf| vb[esx]?|vxd|ws[cfh]))(\?=)?"?\s*(;|$)/x REJECT Attachment name "$2" may not end with ".$4" If this expression doesn't catch something you think it should, show the mime headers of the offending message. -- Noel Jones
