- yliu on March 10, 2011, 12:57 AM UTC
The simplest solution that I found involves the use of capabilities called mime_header_checks and body_checks, which are filtering behaviors that can be configured through Postfix's main.cf file.
There are also several ways to configure body_checks. I used pcre-based regex matching. On Ubuntu, this involved apt-get'ing the postfix-pcre package first.
Once the capability is installed, add a line to main.cf like so:
where pcre: specifies a regex based filter and /etc/postfix/header_checks is a file containing regex filtering expressions, one filter per line.
The /etc/postfix/header_checks file looks something like:
/^(.*)name=\"(DHL_document).(zip|cmd)\"$/ REJECT /^(.*)name=\"(DHL_notification).(zip|cmd)\"$/ REJECT
Remember that mime_header_checks is used for attachment filtering, and body_checks is for message text filtering. The reference to this problem used the wrong filter, and it simply won't work.
Reload Postfix's configs and the next message that matches the regex will be rejected for content issues.
( http://linuxpoison.blogspot.com/2007/12/filter-attachments-bat-exe-etc-in.html# ) - found by yliu on March 10, 2011, 12:58 AM UTC
I find this kind of filter basically useless. All you have to do is rename your file and the attachment will go through. change .exe to .ex1 and now you can send executable programs. Granted, you probably can't just double click them on the other side, but still.—
@Nathan sure, but general spam is not the problem I want to solve. if you read the problem statement up there, I described that my problem -- blocking one specific set of emails exhibiting a specific set of known properties. I solve information retrieval problems for a living, but pulling out a support vector machine classifier is more than overkill for this issue.—
Think you've got a better solution? Help yliu out by posting your solution
http://linuxpoison.blogspot.com/2007/12/filter-attachments-bat-exe-etc-in.html# - found by yliu on March 10, 2011, 12:58 AM UTC
this is actually not working out of the box for me