off by one for 2007 February 1 (entry 0)

< security ideas
explaining finite automata -- without sounding CrAzY! >

[Trackback URL for this entry] Thu Feb 01 10:39:06 PST another one from spamblock:

It is trivially easy to block attachments by extension with postfix. This is nothing earth shattering, and people have been doing this for years, but pretty much everyone running postfix should be doing this. And it's so easy that you have no excuse.

Step 1: Create a file header_checks in your /etc/postfix directory. In that file, put a line like this:

/^content-(type|disposition):.*name *=.*\.(exe|pif|com|scr|bat)/ REJECT We cannot accept executable attachments

... run postmap on that file to create header_checks.db.

Step 2: Edit main.cf and add a line like this:

header_checks = regexp:/etc/postfix/header_checks

... restart postfix.

Step 3: PROFIT!!!

Seriously, that's it. You can also use a pcre instead of a regexp by using the postfix-pcre package (in Debian/Ubuntu), and changing "regexp" to "pcre" in the main.cf line.

Originally from here... but their regexp has a bug in it.

Filed under: technical


[Main]

Unless otherwise noted, all content licensed by Peter A. H. Peterson
under a Creative Commons License.