Amazon.com in the filename. .com extension.
/name=[^>]*\.(bat|com|exe|dll|vbs|xls|zip)/ REJECT
Am 11.02.2025 um 20:33 schrieb Phil Stracchino via Postfix-users:
Hey folks, I have a puzzle that has me scratching my head. A few minutes ago I tried to send a mail message with a PDF attachment ... and my mail server rejected it. Feb 11 14:05:03 minbar postfix/submission/smtpd[31748]: connect from babylon5.caerllewys.net[10.24.32.10] Feb 11 14:05:03 minbar postfix/submission/smtpd[31748]: Anonymous TLS connection established from babylon5.caerllewys.net[10.24.32.10]: TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256 Feb 11 14:05:03 minbar postfix/submission/smtpd[31748]: NOQUEUE: permit: RCPT from babylon5.caerllewys.net[10.24.32.10]: action=permit_mynetworks for Client host=babylon5.caerllewys.net[10.24.32.10] ; from=<ph...@caerllewys.net> to=<customerserv...@californiaairtools.com> proto=ESMTP helo=<[10.24.32.10]> Feb 11 14:05:03 minbar postfix/submission/smtpd[31748]: 6BFB540B488B3: client=babylon5.caerllewys.net[10.24.32.10] Feb 11 14:05:03 minbar postfix/submission/smtpd[31748]: 6BFB540B488B3: permit: RCPT from babylon5.caerllewys.net[10.24.32.10]: action=permit_mynetworks for Client host=babylon5.caerllewys.net[10.24.32.10] ; from=<ph...@caerllewys.net> to=<i...@californiaairtools.com> proto=ESMTP helo=<[10.24.32.10]> Feb 11 14:05:03 minbar postfix/submission/smtpd[31748]: 6BFB540B488B3: permit: DATA from babylon5.caerllewys.net[10.24.32.10]: action=permit for Data command=DATA ; from=<ph...@caerllewys.net> proto=ESMTP helo=<[10.24.32.10]> Feb 11 14:05:03 minbar postfix/cleanup[31750]: 6BFB540B488B3: message-id=<c41e62ca-d880-469f-910e-215ea8792...@caerllewys.net> Feb 11 14:05:03 minbar postfix/cleanup[31750]: 6BFB540B488B3: reject: header Content-Type: application/pdf; name="Amazon.com - Order? 113-0152552-4403477.pdf" from babylon5.caerllewys.net[10.24.32.10]; from=<ph...@caerllewys.net> to=<i...@californiaairtools.com> proto=ESMTP helo=<[10.24.32.10]>: 5.7.1 message content rejected Feb 11 14:05:03 minbar postfix/submission/smtpd[31748]: disconnect from babylon5.caerllewys.net[10.24.32.10] ehlo=2 starttls=1 mail=1 rcpt=2 data=0/1 commands=6/7 Here's why I'm scratching my head over this: *I don't filter PDF attachments.* There is no file ANYWHERE in my configuration that even *contains* the case-insensitive character sequence 'pdf' or any regexp that could match it. I have header_checks = pcre:/etc/postfix/smtp_header_checks.pcre, but that file checks only the following headers: if /^X-Spam-Score:/ if /^To:/ if /^From:/ if /^Reply-To:/ if /^Return-path:/ if /^Subject:/ if /^X-Mailer:/ if /^User agent:/ if /^X-PHP-Originating-Script:/ if /^Authentication-Results:/ if /^Organisation:/ if /^Cc:/ I have mime_header_checks = pcre:/etc/postfix/mime_header_checks, but that file contains only the following: /name=[^>]*\.(bat|com|exe|dll|vbs|xls|zip)/ REJECT I've successfully sent and received PDF attachments before. In fact, I just did another test, sending a *different* PDF file between two local accounts at different domains, and it worked perfectly with no complaint. So why on EARTH is my mailserver rejecting *THIS* PDF attachment based upon its Content-Type?
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
