How to Block (Virus) Extensions on Postfix Mail Server ?

It's very important to block virus extension on Postfix mail server. Using  mime_header_checks directive on Postfix , we can block some specific extension to protection our mail server from spamming. So we are going to block some dangerous extension for Postfix users .
Login as the root, enter:

# vi /etc/postfix/main.cf 

Use mime_header_checks postfix config directive, enter:

mime_header_checks = regexp:/etc/postfix/block_attachments 

Save and close the file. Open /etc/postfix/block_attachments file and append code as follows:

/name=[^>]*\.(bat|com|dll|vbs|exe|pdf|zip)/ REJECT 

Save and close the file. You must restart or reload postfix:

# /etc/init.d/postfix reload 

Watch log file: You should see rejected mail log in /var/log/maillog file:

# tail -f /var/log/maillog 

But There is a issues on that setting , That setting will also block dmarc report with attachment thats coming Google, MicroSoft etc. Use the following setting to work perfectly 

# vi /etc/postfix/mime_header_checks

/name=[^>]*\.(zip|gz|7z)/                                       OK
/Content-Type\.*application\/(zip|gzip|x\-gzip|x\-zip)/         OK
/name=[^>]*\.(bat|com|exe|dll|vbs|js|jar)/                      REJECT
 

I read many blogs, those are not explaining properly . Must allow extensions on top of the line then reject .