Hello Michael. It is a near impossible task, as i.e. encrypted data can easily be transferred as uuencode text in a plain text message, and you will not notice this in the headers. And also trying to actively detected whether or not the body or the attachments of a message are encrypted is quite tricky, and also potentially prone to a number of positive false detections. If this is not enough steganography and other methodologies can be used to hide encrypted data, making the task really complex even for high-end organizations....
More, you could maybe have some form of binding agreement with the ham-radio operators, prohibiting the usage of encryption. However you will be not able to have a such legal protection with all other Internet users sending mails to the ham-radio users. This means you have to decide whether or not you want to take the risk, and if yes, maybe, minimize it with some filtering for the obvious cases as you propose. Have a nice day Marco Il 16. 07. 16 07:25, Michael Fox ha scritto: > I'd like to be able to reject mail that contains encrypted content. This is > to satisfy US FCC rules against encrypted content on amateur radio > frequencies. Some of our clients may connect via amateur radio. > > I'd like to be able to restrict it only for certain clients. But, as I > understand it, header checks can only be applied globally, to all mail. > > Sorry if this is a dumb question. But, unfortunately, I don't have any > experience with encrypted mail. From what I've read, I'm thinking I need: > > main.cf: > > mime_header_checks = pcre:${config_directory}/mime_header_checks.pcre > > > mime_header_checks.pcre: > > # Block encrypted mail > /^Content-Type\:.*multipart\/encrypted/ REJECT Encrypted > content not allowed > > > > Is that sufficient? > Any better ideas or other issues to consider? > > Thanks, > Michael > >