Alex wrote:
> Okay, thanks. I'm doing this already on the pcre header_checks file,
> and have added it on the mime_types file, but noticed a problem with
> the pattern matching:
>
> /^Content-(Disposition|Type):\s+.+?(file)?name="?.+?\.com(\.\S{2,4})?(\?=)?"?(;|$)/
> REJECT ".com" file attachment types not allowed
>
> Sep 28 19:00:30 mail03 postfix/cleanup[31039]: 7B2BC209EDF9: reject:
> header Content-Type: image/png;??name="Exterior Canopy
> Light.png";??x-apple-part-url="[email protected]"
> from nm32-vm0.bullet.mail.bf1.yahoo.com[72.30.239.136];
> from=<[email protected]> to=<[email protected]> proto=ESMTP
> helo=<nm32-vm0.bullet.mail.bf1.yahoo.com>: 5.7.1 message content
> rejected
>
> Why didn't it print the "file attachment types not allowed" and
> instead the more generic message? Running postmap manually does print
> that:
>
> # postmap -q 'Content-Type: image/png;??name="Exterior Canopy
> Light.png";??x-apple-part-url="[email protected]"'
> pcre:header_checks-jimsun.pcre
> REJECT ".com" file attachment types not allowed
>
> I checked to see if it was perhaps hitting another rule, and I don't
> see any that match "png" specifically. How can I adjust that rule to
> only block files that actually end in '.com'?
It took me a careful close look to see what was going wrong.
This bit:
name="?.+?\.com
should probably be:
name="?[^"]+?\.com
so that the .+ match doesn't happily churn along into the second segment
of the header. It might still misfire if the quotes were not present in
the message - possibly [^";] instead would fix that.
-kgd
