Skip to main content

How to Block (Virus) Extensions on Postfix Mail Server ?

It's very important to block virus extension on Postfix mail server. Using  mime_header_checks directive on Postfix , we can block some specific extension to protection our mail server from spamming. So we are going to block some dangerous extension for Postfix users .
Login as the root, enter:
# vi /etc/postfix/main.cf
Use mime_header_checks postfix config directive, enter:
mime_header_checks = regexp:/etc/postfix/block_attachments
Save and close the file. Open /etc/postfix/block_attachments file and append code as follows:
/name=[^>]*\.(bat|com|dll|vbs|exe|pdf|zip)/ REJECT
Save and close the file. You must restart or reload postfix:
# /etc/init.d/postfix reload
Watch log file: You should see rejected mail log in /var/log/maillog file:
# tail -f /var/log/maillog
But There is a issues on that setting , That setting will also block dmarc report with attachment thats coming Google, MicroSoft etc. Use the following setting to work perfectly 
# vi /etc/postfix/mime_header_checks

/name=[^>]*\.(zip|gz|7z)/                                       OK
/Content-Type\.*application\/(zip|gzip|x\-gzip|x\-zip)/         OK
/name=[^>]*\.(bat|com|exe|dll|vbs|js|jar)/                      REJECT
I read many blogs, those are not explaining properly . Must allow extensions on top of the line then reject .
Labels:

Comments

Post a Comment

You are always welcome to comment here, but your remarks should be relevant to the conversation. To keep the exchanges focused and engaging, we reserve the right to remove off-topic comments, or self-promoting URLs and vacuous messages.

We will try to reply to your queries as soon as time allows.



Regards,
Admin