Skip to main content

How to Block (Virus) Extensions on Postfix Mail Server ?

It's very important to block virus extension on Postfix mail server. Using  mime_header_checks directive on Postfix , we can block some specific extension to protection our mail server from spamming. So we are going to block some dangerous extension for Postfix users .
Login as the root, enter:
# vi /etc/postfix/main.cf 
Use mime_header_checks postfix config directive, enter:
mime_header_checks = regexp:/etc/postfix/block_attachments 
Save and close the file. Open /etc/postfix/block_attachments file and append code as follows:
/name=[^>]*\.(bat|com|dll|vbs|exe|pdf|zip)/ REJECT 
Save and close the file. You must restart or reload postfix:
# /etc/init.d/postfix reload 
Watch log file: You should see rejected mail log in /var/log/maillog file:
# tail -f /var/log/maillog 
But There is a issues on that setting , That setting will also block dmarc report with attachment thats coming Google, MicroSoft etc. Use the following setting to work perfectly 
# vi /etc/postfix/mime_header_checks

/name=[^>]*\.(zip|gz|7z)/                                       OK
/Content-Type\.*application\/(zip|gzip|x\-gzip|x\-zip)/         OK
/name=[^>]*\.(bat|com|exe|dll|vbs|js|jar)/                      REJECT
 
I read many blogs, those are not explaining properly . Must allow extensions on top of the line then reject .

Comments