Mark.Martinec+amavis at ijs.si
Thu Oct 2 17:16:53 CEST 2014
Deeztek Support writes:
> I guess I was mistaken that using the mime-type was more reliable than
> using a file extension since the file extension can be easily modified
> also? So, if I were to ban .rar files, and someone send me a rar file
> called "archive.rar" but they renamed it to "archive" it will still
> be blocked by Amavis?
You can block (or not to block) on either a declared MIME type,
or on a declared file name (potentially matching the declared
file extension of you like), or based on a file extension as
reported by a file(1) utility - which is not necessarily
the same as the file extension of a declared file name.
> Checking file extensions based on the mime type returned by the file
> utility is very smart.
All three pieces of information about a mail part are available
to checking rules. Check whatever you need:
- a MIME TYPE (Content-Type from a header),
- a declared FILE NAME (including its declared extensikon, if any)
from a MIME header or from an archive,
- a file EXTENSION (always starts with a dot) as derived through
@map_full_type_to_short_type_re from a result of a file(1) utility.
> That makes checking the mime type, based only on the
> client-provided mime-type a weird design choice. Is there a reason
> for this?
Sure there is. If a mime header declares a content as
application/x-ms-dos-executable or application/x-msdownload,
a rule should be able to match this regardless of what
the file(1) utility thinks of the content, and regardless
of the declared file name. Rules are configurable, set whatever
you think is right.
More information about the amavis-users