| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: A.J.Caines at halplant.com (Andrew J Caines) Subject: Re: Filtering sobig with postfix vogt@...senet.com said... > Thought about that, but doesn't quite work. The headers only say > multipart/mime. The .pif part comes later in the attachment. You want mime_header_checks, eg. # postconf mime_header_checks mime_header_checks = pcre:/etc/postfix/mime_header # cat /etc/postfix/mime_header /^\s*Content-(Disposition|Type).*name\s*=\s*"?(.*\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|dll|doc|exe|hlp|hta|inf|ins|isp|js|jse|lnk|mde|mdt|mdw|msc|msi|msp|mst|nws|ops|pcd|pif|ppt|prf|reg|scf|scr|sct|shb|shs|shm|swf|vb|vbe|vbs|vbx|vxd|wsc|wsf|wsh|xls))"?\s*$/x REJECT Attachment violates server policy. See http://your.web.site/Mail_ToS.html There is much discussion of this in the postfix-users mailing list archives[1]. [1] See eg. http://msgs.securepoint.com/postfix/ -Andrew- -- _______________________________________________________________________ | -Andrew J. Caines- Unix Systems Engineer A.J.Caines@...plant.com | | "They that can give up essential liberty to obtain a little temporary | | safety deserve neither liberty nor safety" - Benjamin Franklin, 1759 |
Powered by blists - more mailing lists