Re: [exim] SPAM Filtering - Losing the war!

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: SeattleServer.com
Data:  
Para: exim-users
CC: Vitaly A Zakharov, Oliver Egginger
Assunto: Re: [exim] SPAM Filtering - Losing the war!
On Sunday 29 October 2006 05:36, Vitaly A Zakharov wrote:
> Try to use a well-known construction, just above virus checking in Exim
> configuration:
>
> acl_check_mime:
>
>    warn    decode         = default
>    drop    message        = Blacklisted file extension detected.
>            condition      = ${if
> match{${lc:$mime_filename}}{\N(\.cpl|\.pif|\.bat|\.scr|\.lnk|\.com|\.hta)$\
>N}{1}{0}}

>
>    accept

>
> You would be surprised, the volume of viruses will decrease about a half.


You would be surprised, the number of users who complain because these
extensions (especially .lnk and .scr) are blocked.

In fact it was such a common problem among our (mostly non-IT) users, that we
ended up defaulting to NOT blocking executable extensions, though it can be
turned on per-domain.

I don't really like blocking simply on extension anyways - I ran into it
myself when trying to E-mail an HTML file without an extension (it was named
simply somedomain.com).

Cheers,
--
SeattleServer.com Mailing Lists - Casey Allen Shobe
lists@??? - http://seattleserver.com