MIME Types

Noel Jones njones at megan.vbhcs.org
Wed Oct 1 16:00:28 CEST 2014

On 10/1/2014 7:32 AM, Deeztek Support wrote:
> On 10/1/2014 8:16 AM, Mark Martinec wrote:
>> Deeztek Support,
>>> According to the amavis docs, amavis checks MIME types of decoded
>>> mail
>>> parts where the content classifications are provided by a file(1)
>>> utility.
>> Not really. The MIME type is obtained directly from a Content-Type
>> header or sub-header field of each mail part.
>> The file(1) utility is called without its -i option. The resulting
>> string is mapped through @map_full_type_to_short_type_re to obtain
>> a file extension.  MIME type as checked by banning rules does not
>> come from the file(1) utility.
>>    Mark
> Thanks for the info Mark. So, there is no easy way to add new MIME
> types in amavis for use in banning rules?

You can easily add any mime-type to the $banned_filename_re or
$banned_namepath_re lists.

But keep in mind the mime-type is declared by the sending mail
client and can be set wrong, either by buggy software or an
attacker.  Amavis does not "normalize" the mime-type.

As a general rule, using the file extension as determined by file(1)
and @map_full_type_to_short_type_re is more reliable for blocking
specific file types since it doesn't depend on information provided
by the client.

  -- Noel Jones

More information about the amavis-users mailing list