[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Neil Russell wrote:
Anybody have experience of ENSIM on redhat 7.x? looking for info on setting up a mail spam filter and or AV. best place to look anybody?
Nope. Viruses are easy to kill.... 23:58:05 srw$ more /etc/postfix/mime_header_checks.regexp /filename=\"?(.*)\.(bat|chm|cmd|com|do|exe|hta|jse|rm|scr|pif|vbe|vbs|vxd|xl)\"?$/ REJECT For security reasons we reject attachments of this type /^\s*Content-(Disposition|Type).*name\s*=\s*"?(.+\.(lnk|asd|hlp|ocx|reg|bat|c[ho]m|cmd|exe|dll|vxd|pif|scr|hta|jse?|sh[mbs]|vb[esx]|ws[fh]|wav|mov|wmf|xl))"?\s*$/ REJECT Attachment type not allowed. File "$2" has the unacceptable extension "$3" Postfix v2(!) is so elegant at doing these things. Seems to have bounced 88 in 4 days - okay bouncing isn't ideal but sometimes it may be genuine. Theoretically we ought to whitelist good attachments not bounce the bad but no one can ever be bothered to maintain the list - but then most of the email here is read on Linux (Faye still does MS Windows). Okay it missed "zip" but you need always to filter on the desktop anyway, as it is very hard to close down all avenues into a network, short of locking or removing floppy drives and CD's, disabling idle ports on switches - that sort of paranoia. Spam - I think whitelisting is the best approach, not seen a filter that comes close - so I'll stick with TMDA.
Attachment:
pgp00115.pgp
Description: PGP signature