>From: Gururajan Ramachandran <grr@???>
>To: exim-users@???
>Subject: [Exim] Null Sender
>Date: Fri, 11 Jul 2003 07:04:33 -0400
>
>I know that Null Sender is valid as per RFC.
>
>However, is there a way to block email at the SMTP level that have
>both Null Sender *AND* attachments?
Not quite sure why you'd want to do this.
You should be able to do this with exim-4.20 + Tom Kistner's
exiscan-acl-4.20-09.patch. In the macros section at the head of the
main section put something like:
# A list of file extensions that may be harmful to the health &
# welfare of crippleware on Windows machines.
NASTIES1 = ade:adp:bas:bat:chm:cmd:com:cpl:crt:eml:exe:hlp
NASTIES2 = hta:inf:ins:jse:lnk:mdb:mde:msc:msi:msp:mst:pcd
NASTIES3 = pif:reg:scr:sct:shs:url:vbs:vbe:wsf:wsh:wsc
NASTYGRAMS = NASTIES1:NASTIES2:NASTIES3
Then, as part of your acl_smtp_data ACL, have somthing like:
# Reject messages that have serious MIME errors. This calls the
# demime condition. Note that the results of demime are cached, so
# we can freely use it later in this ACL.
deny message = Serious MIME defect detected ($demime_reason)
demime = *
condition = ${if > {$demime_errorlevel}{2} {yes}{no}
# The following should reject email from null senders with
# unwanted attachments.
deny message = bounce message with blacklisted file attachment ($found_extension)
senders = :
demime = NASTYGRAMS
Note I haven't tried the above. Use at your own risk!
