RE: [Exim] ACL to ALLOW only mentioned attachments type and …

Top Page

Reply to this message
Author: Dickenson, Steven
Date:  
To: 'Chris Edwards', exim-users
Subject: RE: [Exim] ACL to ALLOW only mentioned attachments type and block *
Most Exchange admins (arguably mail admins most concerned with Windows
viruses) consider Martin Blackstone's list of danger to be rather complete.

http://www.swinc.com/resource/exch_faq_appxj.htm

Of course, it doesn't include archive files (Zip, Rar, etc), but does cover
just about everything that can be directly executed by Windows.

Steven
---
Steven Dickenson <sdickenson@???>
Network Administrator
The Key School, Annapolis Maryland

-----Original Message-----
From: Chris Edwards [mailto:chris@eng.gla.ac.uk]
Sent: Friday, March 26, 2004 7:45 AM
To: exim-users@???
Subject: Re: [Exim] ACL to ALLOW only mentioned attachments type and block *


| > Can i write a ACL which allows only specified attachments type and
| > BLOCKS all *

|
| I'm wildly guessing here, as I haven't tried to see if this actually works
| with the way Exiscan hooks into the ACLs, but how about:

|
| deny message = Bad attachment
|      !demime = txt

|
| if you only wanted to allow attachments with a "txt" extension?


Interesting. Our management recently suggested a "default deny" policy
for file extensions. Quite tempting, considering the state of M$
insecurity.
I hate to think how many dangerous filetypes are not on our banned list.

Of course, outside of the M$ world these are arbitary file names. A unix
user might be mailing yesterday's results in a file called "results.thu"
and get blocked. Not really practical here.

--
Chris Edwards, Glasgow University Computing Service

--

## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
details at http://www.exim.org/ ##