Re: [Exim] acl for DATA command

Top Page
Delete this message
Reply to this message
Author: jzaw
Date:  
To: exim-users
Subject: Re: [Exim] acl for DATA command
On Tuesday, Sep 30, 2003, at 13:37 Europe/London, Pavel Gulchouck wrote:

> Due to Win32.HLLM.Gibe.2 virus here's too much load,

<snip>
> so I need drop a big part of this mail as victum.
> I decide to deny all message with size more then 50K and messages
> without SIZE specified in MAIL command. In this case I deny all
> viruses


Pavel

i see that HLLM.Gibe.2 (also kown as Swen?) has its own smtp engine

is there any reason why you cant just reject any and all exe
attachments? (and many others)
at smtp time using exim compiled with exiscan-acl patch?


###########################################
#                       ACL CONFIGURATION
# Specifies access control lists for incoming SMTP mail
###########################################


begin acl

acl_check_rcpt:

.
.

<snip>
.
.

   deny message = This message contains a MIME error ($demime_reason)
        demime = *
        condition = ${if >{$demime_errorlevel}{2}{1}{0}}


   deny message = This message contains a nasty evil file extension
($found_extension)
        demime = vbe:vbs:vbx:wsf:wsh:exe:com:cmd:shs:hta:bat:scr:lnk:pif