[Tfug] blocking exe's and com files with postfix
elemint at theriver.com
elemint at theriver.com
Mon Jul 19 15:11:45 MST 2004
Thanks,
I uncommented this one in amavisd.conf
qr'.\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|inf|ins|isp|js|
jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|shb|vb|
vbe|vbs|wsc|wsf|wsh)$'ix,
That seems to block com and exe amongst other file extensions, I sent a
test email with a exe and it did the job, thanks.
Jim
Michael Stenner wrote:
>On Mon, Jul 19, 2004 at 02:57:32PM -0700, elemint at theriver.com wrote:
>
>
>>in amavisd.conf the following is commented out:
>>
>># .zip, .exe, ... - see subroutine determine_file_types().
>> qr'\.[a-zA-Z][a-zA-Z0-9]{0,3}\.(vbs|pif|scr|bat|com|exe|dll)$'i, #
>>double extension
>>
>>If I uncomment that will I then be blocking exe's and coms and the other
>>file extensions listed?
>>
>>
>
>That regex appears to block attachments that end with two extensions.
>For example, foxylady.jpg.exe
>
>The reason is that in many cases, windows will hide the .exe (figuring
>that the information is conveyed in the icon) and so the user will
>only see "foxylady.jpg". When they double-click on it expecting to
>see a picture of Jimi Hendrix, they end up infecting their systems.
>
> -Michael
>
>
More information about the tfug
mailing list