Howdy Exim group!
I'm was looking over the thread about stopping sobig, and I'd like to simply deny messages with certain file extensions attached to them to stop any virus. Since I'm such an Exim newbie I'm wondering if I am implementing this properly/going about it properly/understanding the principles involved and if this will work on messages coming in to accounts on the Exim server or email being sent out by accounts on the exim server or both.
In my Exim4 conf file I have ::
acl_smtp_data = check_message
...
--- current check_message ---
#!!# ACL that is used after the DATA command
check_message:
require verify = header_sender
accept
--- will this change to check_message cause attachments with those extensions to be denied? ---
#!!# ACL that is used after the DATA command
check_message:
require verify = header_sender
deny message = contains $found_extension file (blacklisted).
demime =
ade:adp:bas:bat:chm:cmd:com:cpl:crt:exe:hlp:hta:inf:ins:isp
:js:jse:lnk:mdb:mde:msc:msi:msp:mst:pcd:pif:reg:scr:sct:shs
:shb:url:vb:vbe:vbs:wsc:wsf:wsh:ADE:ADP:BAS:BAT:CHM:CMD:COM
:CPL:CRT:EXE:HLP:HTA:INF:INS:ISP:JS:JSE:LNK:MDB:MDE:MSC:MSI
:MSP:MST:PCD:PIF:REG:SCR:SCT:SHS:SHB:URL:VB:VBE:VBS:WSC:WSF:WSH
accept
TIA
Dan
