Hi,
>> [1] http://www.postfix.org/header_checks.5.html >> > > Do I need to check both Content-(Type|Disposition) ? > > from what I can see, an attachment is always identified by its filename, > as in: > > Content-Disposition: attachment; > filename="bla_bla.docx"; size=168097; > creation-date="Tue, 02 Dec 2014 13:26:29 GMT"; > modification-date="Tue, 02 Dec 2014 13:26:29 GMT" > > If I wanted to reject all doc|docx attachments, can I use this simpler > rule ? > > /^Content-Disposition: .*filename=".*\.(doc|docx)"/ REJECT Attachment > rejected > > or will some attachments slip through ? I have the following in my mime_header_checks and haven't had any problems: mime_header_checks = pcre:/etc/postfix/mime_header_checks /^(Content-(Type|Disposition)\:|[[:space:]]+).*(file)?name="Order\.Doc"?;?$/ REJECT /^(Content-(Type|Disposition)\:|[[:space:]]+).*(file)?name="?.*\.scr"?;?$/ REJECT /^(Content-(Type|Disposition)\:|[[:space:]]+).*(file)?name="?.*\.rar"?;?$/ REJECT /^(Content-(Type|Disposition)\:|[[:space:]]+).*(file)?name="?.*\.vbs"?;?$/ REJECT /^(Content-(Type|Disposition)\:|[[:space:]]+).*(file)?name="?.*\.exe"?;?$/ REJECT /^(Content-(Type|Disposition)\:|[[:space:]]+).*(file)?name="?.*\.dll"?;?$/ REJECT /^(Content-(Type|Disposition)\:|[[:space:]]+).*(file)?name="?.*\.shs"?;?$/ REJECT /^(Content-(Type|Disposition)\:|[[:space:]]+).*(file)?name="?.*\.com"?;?$/ REJECT /^(Content-(Type|Disposition)\:|[[:space:]]+).*(file)?name="?.*\.bat"?;?$/ REJECT /^(Content-(Type|Disposition)\:|[[:space:]]+).*(file)?name="?.*\.pif"?;?$/ REJECT Regards, Alex
