It's very important to block virus extension on Postfix mail server. Using mime_header_checks directive on Postfix , we can block some specific extension to protection our mail server from spamming. So we are going to block some dangerous extension for Postfix users .
Login as the root, enter:
Login as the root, enter:
# vi /etc/postfix/main.cf
Use mime_header_checks postfix config directive, enter:mime_header_checks = regexp:/etc/postfix/block_attachments
Save and close the file. Open /etc/postfix/block_attachments file and append code as follows:/name=[^>]*\.(bat|com|dll|vbs|exe|pdf|zip)/ REJECT
Save and close the file. You must restart or reload postfix:# /etc/init.d/postfix reload
Watch log file: You should see rejected mail log in /var/log/maillog file:# tail -f /var/log/maillog
But There is a issues on that setting , That setting will also block dmarc report with attachment thats coming Google, MicroSoft etc. Use the following setting to work perfectly # vi /etc/postfix/mime_header_checks
/name=[^>]*\.(zip|gz|7z)/ OK
/Content-Type\.*application\/(zip|gzip|x\-gzip|x\-zip)/ OK
/name=[^>]*\.(bat|com|exe|dll|vbs|js|jar)/ REJECT
I read many blogs, those are not explaining properly . Must allow extensions on top of the line then reject .
Comments
Post a Comment