*argh* "regexp" versus "pcre" i only replaced the regex without realite the different map type
that's why i posted "postconf -n" :-( however, works now, thank you! Am 17.09.2014 um 01:59 schrieb li...@rhsoft.net: > Am 17.09.2014 um 01:42 schrieb Viktor Dukhovni: >> On Wed, Sep 17, 2014 at 01:24:27AM +0200, li...@rhsoft.net wrote: >> >>> I still don't understand why "postmap" has a result but with >>> postfix Viktors rule don't catch the attachment and so finally >>> my one from the initial posting two lines below triggers >> >> The live configuration must differ from the test configuration, or >> your test is flawed. > > you may not believe it but > > there is no live / test - just one configuration > > the "test" is just send a mail with Thunderbird and a example attachment, > in the case below a zerobyte file named "test.exe.txt.sh", added to a new > message with subject and body test > >> Compare mail logs with command-line output. If not the same, >> something in your configuration is causing a different set of rules >> to be used. Perhaps you've multiple cleanup instances (different >> cleanup for submission) > > for sure not - there is no submission - just Port 25 and the > config file is used because it reflects comment out rules > and do the same test after reload postfix > > that was the reason to add (Rule XX) to the reject message > ______________________________________________________ > > that is the log: > > Sep 17 01:53:57 mail-gw postfix/cleanup[28448]: 3hyLr521BVz1l: reject: header > Content-Type: > application/x-shellscript;? name="test.exe.txt.sh" from ******; > from=<h.rei...@test.thelounge.net> to=<****> > proto=ESMTP helo=<srv-rhsoft.rhsoft.net>: 5.7.1 554 Attachment Blocked (Rule > 4) > ______________________________________________________ > > that is the content of the config - the config is used 100% for sure > because befor the hitting rule had (Rule 3) and yours was on top with > (Rule 0) now renumbered tu (Rule 1) > > [root@mail-gw:~]$ cat postfix/mime_header_checks.cf > # Reject Attachment Extensions > > /^Content-(?:Disposition|Type):(?:.*?;)? \s*(?:file)?name \s* = > \s*"?(.*?(\.|=2E)(386|acm|ade|adp|awx|ax|bas|bat|bin|cdf|chm|cmd|cnv|com|cpl|crt|csh|dll|dlo|drv|exe|hlp|hta|inf|ins|isp|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws|ocx|ops|pcd|pif|pl|prf|reg|scf|scr|script|sct|sh|shb|shm|shs|so|sys|tlb|vb|vbe|vbs|vbx|vxd|wiz|wll|wpc|wsc|wsf|wsh))(?:\?=)?"?\s*(;|$)/x > REJECT 554 Attachment Blocked (Rule 1) > > /^\s*Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(386|acm|ade|adp|awx|ax|bas|bat|bin|cdf|chm|cmd|cnv|com|cpl|crt|csh|dll|dlo|drv|exe|hlp|hta|inf|ins|isp|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws|ocx|ops|pcd|pif|pl|prf|reg|scf|scr|script|sct|sh|shb|shm|shs|so|sys|tlb|vb|vbe|vbs|vbx|vxd|wiz|wll|wpc|wsc|wsf|wsh))(\?=)?"?\s*$/x > REJECT 554 Attachment Blocked (Rule 2) > > /^\s*Content-(?:Disposition|Type):(?:.*?;)?\s*(?:file)?name\s*=\s*"?(.*?(\.|=2E)(386|acm|ade|adp|awx|ax|bas|bat|bin|cdf|chm|cmd|cnv|com|cpl|crt|csh|dll|dlo|drv|exe|hlp|hta|inf|ins|isp|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws|ocx|ops|pcd|pif|pl|prf|reg|scf|scr|script|sct|sh|shb|shm|shs|so|sys|tlb|vb|vbe|vbs|vbx|vxd|wiz|wll|wpc|wsc|wsf|wsh))(?:\?=)?"?\s*(;|$)/x > REJECT 554 Attachment Blocked (Rule 3) > > /name=[^>]*\.(386|acm|ade|adp|awx|ax|bas|bat|bin|cdf|chm|cmd|cnv|com|cpl|crt|csh|dll|dlo|drv|exe|hlp|hta|inf|ins|isp|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws|ocx|ops|pcd|pif|pl|prf|reg|scf|scr|script|sct|sh|shb|shm|shs|so|sys|tlb|vb|vbe|vbs|vbx|vxd|wiz|wll|wpc|wsc|wsf|wsh)\"/ > REJECT 554 Attachment Blocked (Rule 4)
