js in zip attachment of e-mail
@lbutlr
kremels at kreme.com
Thu Mar 3 18:50:13 CET 2016
On Thu Mar 03 2016 08:19:21 Thomas Spuhler <thomas.spuhler at btspuhler.com> said:
>
> On Wednesday, March 02, 2016 04:34:39 PM @lbutlr wrote:
>> On Wed Mar 02 2016 07:32:48 Dino Edwards <dino.edwards at mydirectmail.net> said:
>>> Like this:
>>>
>>> [qr'.\.(js)$'ix => 1]
>>
>> And where would I put that? And what sort of config is that? I’ve never seen
>> any config file that put things inside square brackets…
>
>
> I changed this line in /etc/amavisd/amavisd.conf in section $banned_filename_re = new_RE(
Thanks.
I went with:
qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta|inf|ini|ins|isp|js|jse|lib|lnk|mda|mdb|mde|mdt|mdw|mdz|msc|msi|msp|mst|ocx|ops|pcd|pif|prg|reg|scr|sct|shb|shs|sys|vb|vbe|vbs|vxd|wmf|wsc|wsf|wsh)$'ix, # banned extensions - long
qr'.\.(ani|cur|ico)$'i, # banned cursors and icons filename
qr'^\.ani$', # banned animated cursor file(1) type
qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerable.
Considering adding the MS-Office extensions as well, but I think postfix already bans those.
--
'Winners never talk about glorious victories. That's because they're the
ones who see what the battlefield looks like afterwards. It's only the
losers who have glorious victories.' --Small Gods
More information about the amavis-users
mailing list