Am 01.02.2016 um 16:23 schrieb Benny Pedersen: > On 2016-02-01 13:57, Axb wrote: > >> SA mimeheader rules >> To save cycles, I'd opt for rejecting at smtp level with Postfix mime >> header checks. > > postfix mime is not as good as clamav-milter, if one really want to > limit resources use milter-regex, but that have no unpack of malware in > zip/rar or other compressed archives like zip with a scr screen savers > with fish in the aquarium :=)
you may combine postfix body_checks i.e ^((Content-(Disposition: attachment;|Type:).*|\ +)| *)(file)?name\ *=\ *"?.*\.(lnk|asd|ocx|reg|bat|c[ho]m|cmd|exe|dll|vxd|pif|scr|hta|jse?|sh[mbs]|vb[esx]|ws[fh]|wmf)"?\ *$/ REJECT or amavis policy or with sieve/dovecot https://sys4.de/de/blog/2016/01/22/content-blocking-mit-sieve/ maildrop is so old ,heres some post http://sourceforge.net/p/courier/mailman/message/4591641/ spamassassin ( never used it like this ) http://jrs-s.net/2013/06/14/block-common-trojans-in-spamassassin/ best is that clam will detect the problem Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
