Re: [exim] Deny MIME attachments in the acl_smtp_mime ACL

Pàgina inicial
Delete this message
Reply to this message
Autor: paul.mcilfatrick
Data:  
A: exim-users
Assumpte: Re: [exim] Deny MIME attachments in the acl_smtp_mime ACL
> > I want to deny e-mail with certain MIME attachments and all
> > the Exim examples I have found use demime.
> >
> > The current Exim documentation says that "The demime
> > condition uses a > > simpler interface to MIME decoding
> > than the MIME ACL functionality, but provides no additional
> > facilities. Please note that this condition is deprecated
> > and kept only for backward compatibility."
> >
> > If the demime condition is deprecated is it possible to do
> > what I want to do in the acl_smtp_mime ACL?
>
> Yes. Probably¹. Some things take more text in the
> configuration file though (that's the price of generalisation
> and flexibility).
>
> What exactly is it you want to do (there are many possible
> criteria for rejection)?
>
> The most common thing to do (probably), denying attached
> files with certain extensions, can be done thusly:
>
>   deny    condition = ${if match \
>                          {${lc:$mime_filename}} \
>                          {[.](bat|com|exe|pif|prf|scr|vbs|lnk|cpl)\$}}
>           message = Attached file '$mime_filename' has 
> disallowed extension.

>
> It was recently discussed whether Windows or some Windows
> applications treat one or more spaces between the final dot
> and the real extension as if they didn't exist. It probably
> doesn't hurt to change the third line above to:
>
>                          {[.] 
> *(bat|com|exe|pif|prf|scr|vbs|lnk|cpl)\$}}

>
> ¹ Exactly what errors $demime_errorlevel reflect and how to
> check for the same errors without demime is badly documented,
> but most of those checks rarely hit anything anyway.


Thanks for this.

I used this information to create the acl_smtp_mime ACL but it took me a bit of research to find that I needed to use decode in order to get the mime_filename variable created.

The following lines were added to the config file:


acl_smtp_mime = check_mime


check_mime:

# Decode MIME parts to disk.
        warn    decode          =       default


        deny    condition       =       ${if match {${lc:$mime_filename}} \
                                        {[.] *(gif|jpg|jpeg|png)\$}}
                message         =       Attached '$mime_filename' file has disallowed extension!


        Accept



Thanks for you help.


Paul Mcilfatrick