Am 17.09.2014 um 01:42 schrieb Viktor Dukhovni: > On Wed, Sep 17, 2014 at 01:24:27AM +0200, li...@rhsoft.net wrote: > >> I still don't understand why "postmap" has a result but with >> postfix Viktors rule don't catch the attachment and so finally >> my one from the initial posting two lines below triggers > > The live configuration must differ from the test configuration, or > your test is flawed.
you may not believe it but there is no live / test - just one configuration the "test" is just send a mail with Thunderbird and a example attachment, in the case below a zerobyte file named "test.exe.txt.sh", added to a new message with subject and body test > Compare mail logs with command-line output. If not the same, > something in your configuration is causing a different set of rules > to be used. Perhaps you've multiple cleanup instances (different > cleanup for submission) for sure not - there is no submission - just Port 25 and the config file is used because it reflects comment out rules and do the same test after reload postfix that was the reason to add (Rule XX) to the reject message ______________________________________________________ that is the log: Sep 17 01:53:57 mail-gw postfix/cleanup[28448]: 3hyLr521BVz1l: reject: header Content-Type: application/x-shellscript;? name="test.exe.txt.sh" from ******; from=<h.rei...@test.thelounge.net> to=<****> proto=ESMTP helo=<srv-rhsoft.rhsoft.net>: 5.7.1 554 Attachment Blocked (Rule 4) ______________________________________________________ that is the content of the config - the config is used 100% for sure because befor the hitting rule had (Rule 3) and yours was on top with (Rule 0) now renumbered tu (Rule 1) [root@mail-gw:~]$ cat postfix/mime_header_checks.cf # Reject Attachment Extensions /^Content-(?:Disposition|Type):(?:.*?;)? \s*(?:file)?name \s* = \s*"?(.*?(\.|=2E)(386|acm|ade|adp|awx|ax|bas|bat|bin|cdf|chm|cmd|cnv|com|cpl|crt|csh|dll|dlo|drv|exe|hlp|hta|inf|ins|isp|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws|ocx|ops|pcd|pif|pl|prf|reg|scf|scr|script|sct|sh|shb|shm|shs|so|sys|tlb|vb|vbe|vbs|vbx|vxd|wiz|wll|wpc|wsc|wsf|wsh))(?:\?=)?"?\s*(;|$)/x REJECT 554 Attachment Blocked (Rule 1) /^\s*Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(386|acm|ade|adp|awx|ax|bas|bat|bin|cdf|chm|cmd|cnv|com|cpl|crt|csh|dll|dlo|drv|exe|hlp|hta|inf|ins|isp|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws|ocx|ops|pcd|pif|pl|prf|reg|scf|scr|script|sct|sh|shb|shm|shs|so|sys|tlb|vb|vbe|vbs|vbx|vxd|wiz|wll|wpc|wsc|wsf|wsh))(\?=)?"?\s*$/x REJECT 554 Attachment Blocked (Rule 2) /^\s*Content-(?:Disposition|Type):(?:.*?;)?\s*(?:file)?name\s*=\s*"?(.*?(\.|=2E)(386|acm|ade|adp|awx|ax|bas|bat|bin|cdf|chm|cmd|cnv|com|cpl|crt|csh|dll|dlo|drv|exe|hlp|hta|inf|ins|isp|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws|ocx|ops|pcd|pif|pl|prf|reg|scf|scr|script|sct|sh|shb|shm|shs|so|sys|tlb|vb|vbe|vbs|vbx|vxd|wiz|wll|wpc|wsc|wsf|wsh))(?:\?=)?"?\s*(;|$)/x REJECT 554 Attachment Blocked (Rule 3) /name=[^>]*\.(386|acm|ade|adp|awx|ax|bas|bat|bin|cdf|chm|cmd|cnv|com|cpl|crt|csh|dll|dlo|drv|exe|hlp|hta|inf|ins|isp|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws|ocx|ops|pcd|pif|pl|prf|reg|scf|scr|script|sct|sh|shb|shm|shs|so|sys|tlb|vb|vbe|vbs|vbx|vxd|wiz|wll|wpc|wsc|wsf|wsh)\"/ REJECT 554 Attachment Blocked (Rule 4)
