On Sunday 29 October 2006 05:36, Vitaly A Zakharov wrote:
> Try to use a well-known construction, just above virus checking in Exim
> configuration:
>
> acl_check_mime:
>
> warn decode = default
> drop message = Blacklisted file extension detected.
> condition = ${if
> match{${lc:$mime_filename}}{\N(\.cpl|\.pif|\.bat|\.scr|\.lnk|\.com|\.hta)$\
>N}{1}{0}}
>
> accept
>
> You would be surprised, the volume of viruses will decrease about a half.
You would be surprised, the number of users who complain because these
extensions (especially .lnk and .scr) are blocked.
In fact it was such a common problem among our (mostly non-IT) users, that we
ended up defaulting to NOT blocking executable extensions, though it can be
turned on per-domain.
I don't really like blocking simply on extension anyways - I ran into it
myself when trying to E-mail an HTML file without an extension (it was named
simply somedomain.com).
Cheers,
--
SeattleServer.com Mailing Lists - Casey Allen Shobe
lists@??? -
http://seattleserver.com
