From: List User Kreme (LuKreme)
Date: Mon Sep 01 2003 - 15:28:24 EDT
On Aug 31, 2003, at 11:39 PM, Noel Jones wrote:
> On Sun, Aug 31, 2003 at 11:19:33PM -0600, LuKreme wrote:
>> I have separate files. the above is in /etc/postfix/header_checks
>>
>> /etc/postfix/mime_header_checks:
>    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> # Noel Jones <> showed a better way:
>> /^Content-(Disposition|Type).*name\s*=\s*"?(.*\.(
>> ade|adp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|hlp|hta|
>> inf|ins|isp|js|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws|
>> ops|pcd|pif|prf|reg|scf|scr\??|sct|shb|shs|shm|swf|
>> vb[esx]?|vxd|wsc|wsf|wsh))(\?=)?"?\s*(;|$)/x
>> REJECT 598 Attachment name "$2" may not end with ".$3"
>
> this is a mime header. If you have separate files it belongs in
> mime_header_checks. The header_checks function will never see this.
Right. It is in mime_header_checks (and is working). It is the
header_checks that is not logging the warning. Oddly, if I introduce a
syntax error into the header_checks file, I see the warning of the
syntax error, so I'm baffled.

/etc/postfix/header_checks:
    # Insert Syntax error
    /^Content-Type:.*text//html/ WARN 597 No HTML-ONLY email allowed.

logged:
    postfix/cleanup[53323]: warning: pcre map /etc/postfix/header_checks,
    line 1: unknown regexp option "/": skipping this rule
> Also please note that I don't claim the above is a complete list
> of potentially dangerous content.
No, but it is the vast majority of virus/worms. In point of fact, for
my needs blocking pif scr prf exe and the vb[esx] is almost certainly
enough, but I do have some Windows users and it's not like any of those
additional types are going to cause problems.
> In particular, I don't reject html? extensions which could contain
> executable code.
That WOULD cause problems.
> and to give full credit, the expression is based on and nearly
> identical to one posted here last year by Russell Moseman.
Good to know, I'll add his name :)
-- You are responsible for your Rose Rule #5 Get Kirsten Dunst Wet
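
The mime_header_checks rule quoted above, exercised against constructed MIME headers so its matches and its $2/$3 substitutions can be checked before it goes into a live map. This is an added example, not part of the original message: it ports the PCRE to Python's re module (re.VERBOSE for the /x option, re.IGNORECASE for the case-insensitive default of Postfix pcre tables), and check_mime_header and the sample headers are hypothetical.

```python
import re

# Pattern copied from the /etc/postfix/mime_header_checks rule in the post.
# re.VERBOSE stands in for /x; re.IGNORECASE mirrors the pcre table default.
RULE = re.compile(r'''
^Content-(Disposition|Type).*name\s*=\s*"?(.*\.(
ade|adp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|hlp|hta|
inf|ins|isp|js|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws|
ops|pcd|pif|prf|reg|scf|scr\??|sct|shb|shs|shm|swf|
vb[esx]?|vxd|wsc|wsf|wsh))(\?=)?"?\s*(;|$)
''', re.VERBOSE | re.IGNORECASE)


def check_mime_header(header):
    """Return the REJECT text the rule would produce, or None if no match.

    Assumes `header` is one logical header, already unfolded onto one line.
    """
    m = RULE.search(header)
    if m is None:
        return None
    # $2 is the whole attachment name, $3 the offending extension.
    return '598 Attachment name "%s" may not end with ".%s"' % (
        m.group(2), m.group(3))


# Constructed sample headers, not taken from real mail.
SAMPLES = [
    'Content-Disposition: attachment; filename="invoice.exe"',
    'Content-Type: application/octet-stream; name=photo.jpg.pif',
    'Content-Type: application/x-msdownload; name="a.bat"; charset=us-ascii',
    'Content-Disposition: attachment; filename="SETUP.EXE"',
    # Name ending in the "?=" that the rule's (\?=)? group allows for.
    'Content-Type: application/octet-stream; name="=?iso-8859-1?Q?doc.scr?="',
    # Not rejected: html is deliberately left out of the list (see above).
    'Content-Type: text/html; name="newsletter.html"',
    'Content-Disposition: attachment; filename="report.pdf"',
    'Content-Type: text/plain; charset=us-ascii',
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print("%-75s -> %s" % (sample, check_mime_header(sample) or "pass"))
```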