Hi;
Am Mittwoch, den 08.03.2006, 05:59 -0500 schrieb John Peacock:
> Holger Burde wrote:
> > i won't work. Only multipart/mixed; (debug) is recognized and the zip
> > i wanted to block gets through. Any idea how to get rid of those MIME
> > Types with pqsmtpd plugs ? Is there any trick in the check_contentent
> > Modul i overlooked ?
>
> What is the regex that you are putting in config/content_types? This should
> do
> the trick:
>
> m{^(.*\t)*application/zip(\s|;|$)}i DENY
OK - just tried this one - same result as before.
> (to slightly modify one of Peter's examples), assuming you are trying to
> globally block all zip file attachments. This won't block e-mails with
> uuencoded zip files embedded directly in a text-only message (which lookOut is
> so helpful about opening for you).
its embeded in the Mail body - base64 encoded and correct tagged as
--=-khnDhvd84oD44hFER7of
Content-Disposition: attachment; filename=whatever.zip
Content-Type: application/zip; name=whatever.zip
Content-Transfer-Encoding: base64
.
Evolution tags the HEADER with Content-Type: multipart/mixed;
boundary="=-khnDhvd84oD44hFER7of" and inside (Mail BODY) u find the
actual Mime Types. check_content type finds ONLY the Header Tag and the
zip goes through.
> Are you, perhaps, more concerned about viruses or worms (rather than just
> blindly blocking all zip files)? If so, you may just want to install ClamAV
> (a
> free anti-virus scanner) which will correctly scan zipped viruses and worms.
PS clamav is also running. I need to filter out complete MIME Ranges
like zip gzip or whatever. Its Part of a EMAIL-Policy - some Types are
allowed and go through (if clamav does not find anything) others not. I
am just looking for a way to implement this using the qpsmtpd framework.
hb
> HTH
>
> John
--
Holger Burde Consulting - ITSEC und Opensource Consulting
Web: http://www.burde-consulting.de Mail: [EMAIL PROTECTED]
Phone: 0421 2208 102 FAX: 0421 2208 103
