AW: [Exim] Bombarded by pif attachments

Pàgina inicial
Delete this message
Reply to this message
Autor: Graham Dodd
Data:  
A: exim-users
Assumpte: AW: [Exim] Bombarded by pif attachments
Hello All,

as a newbie who's still working his way through Philip's book please excuse
my ignorance of Exim, I hope to have it recified before long ;-)

I would like to add a log message (exim_main.log) whenever an unwanted file
extension is caught and I'm not sure whether to use message or log_message

deny message   = This message contains an unwanted file extension \
                  ($found_extension)
demime         = pif:exe:com:scr:vbs
message        = Bad extension caught: $found_extension from $sender_address


thank you,

Graham

>
>
> >deny    message   = This message contains an unwanted file extension \
> >                  ($found_extension)
> >  demime          = pif:exe:com:scr:vbs
> What I have done was put this in the system-filter.
> Doesn't this have the same effect.

>
> /etc/mail/system-filter
>
> if $header_content-type: matches
> "(?:file)?name=(\"[^\"]+\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|
> eml|exe|hl
> p|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|
> url|vb[se]
> |ws[fhc])\")"
> then
>    fail text "This message has been rejected because it has\n\
>               potentially executable content $1\n\
>               This form of attachment has been used by\n\
>               recent viruses or other malware.\n\
>               If you meant to send this file then please\n\
>               package it up as a zip file and resend it."
>    seen finish
> Endif

>
>