On 06/01/2014 12:24 AM, Viktor Dukhovni wrote:
> On Sun, Jun 01, 2014 at 08:11:42AM +0300, Inteq Solution - Dep. Tehnic wrote:
>
>> I am blocking executables and potentially dangerous extensions with
>> header_checks = pcre:/etc/postfix/header_checks.pcre
>>
>> Inside header_checks.pcre I have:
>>
>> /^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|hlp|ht[at]|inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|\{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}|ops|pcd|pif|prf|reg|sc[frt]|sh[bsm]|swf|vb[esx]?|vxd|ws[cfh]))(\?=)?"?\s*(;|$)/x
>> REJECT Attachment name "$2" not allowed
> Looks OK at first glance.
>
>> I also have a mime_header_checks = regexp:/etc/postfix/mime_header_checks
>> with the content:
>>
>> /name=[^>]*\.(ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|hlp|ht|inf|ins|isp|jse?|lnk|md|ms|nws|ops|pcd|pif|prf|reg|sc|sh|swf|vb|vxd|ws|pl|py)/
>> REJECT Attachment not allowed
> One of these things is not like the other...
>
>> I must be doing something wrong, but no matter how I look at it, I do not
>> see it.
> The default Postfix setting is:
>
> mime_header_checks = $header_checks.
>
I was curious so I tried your header_checks against the
emailsecuritycheck.net and they didn't work for me either.
Edgar
