Mailinglist Archive: opensuse-security (605 mails)
| < Previous | Next > |
AW: [suse-security] postfix regexp in body_checks
- From: "Philipp Snizek" <mailinglists@xxxxxxxxx>
- Date: Fri, 5 Oct 2001 09:55:37 +0200
- Message-id: <000501c14d73$1f7bcf30$b600000a@xxxxxxxxxxxxxx>
Hi Stephane,
postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
body_checks = regexp:/etc/postfix/bodychecks
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 10
default_privs = nobody
inet_interfaces = all
local_destination_concurrency_limit = 2
mail_name = Postfix
mail_owner = postfix
mail_spool_directory = /var/mail
mydestination = $myhostname, localhost.$mydomain, $mydomain
mydomain = belfin.reinach
myhostname = mx.belfin.reinach
mynetworks = 10.0.0.0/24, 127.0.0.0/8
program_directory = /usr/lib/postfix
queue_directory = /var/spool/postfix
relocated_maps = hash:/etc/postfix/relocated
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_sender_restrictions = hash:/etc/postfix/access
transport_maps = hash:/etc/postfix/transport
virtual_maps = hash:/etc/postfix/virtual
Version: 20001212-4
Version should not be an issue cause header_checks for MIME encoded mails works wonderfully (for
testing it's disabled right now). For UUENCODE e-mails regexp in body_checks does not work.
Philipp
> -----Ursprungliche Nachricht-----
> Von: stephane parenton [mailto:sparenton@xxxxxxxxxxx]
> Gesendet: Freitag, 5. Oktober 2001 09:37
> An: Philipp Snizek
> Cc: suse-security@xxxxxxxx
> Betreff: Re: [suse-security] postfix regexp in body_checks
>
>
> Philipp Snizek wrote:
> >
> > Hi,
> >
> > I hope I hit the right list with my request. I'm trying to
> set up a filter for postfix to filter
> > malicious stuff like all windows executables. For MIME
> encoded headers I had no problem, this works
> > fine. But if the header is uuencode, the attachment is only
> visible in the e-mail's body. I tried a
> > regexp like /.*\.(bat|exe|cmd|vbs|vba)/ REJECT in
> /etc/postfix/body_checks which should filter all
> > *.bat|and so on. But nothing at all happens. Mails go thru
> as if there wasn't an obstacle.
> >
> > If there is some postfix & regexp pro on this list, please
> tell me what I am doing wrong.
>
> I'm not a pro, but I've been testing this a while so maybe I can help
> you. First of all, what version of postfix do you use ?... if it's an
> old version, the body & header checks were not usable... tell
> me what is
> your snapshot #.
>
postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
body_checks = regexp:/etc/postfix/bodychecks
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
default_destination_concurrency_limit = 10
default_privs = nobody
inet_interfaces = all
local_destination_concurrency_limit = 2
mail_name = Postfix
mail_owner = postfix
mail_spool_directory = /var/mail
mydestination = $myhostname, localhost.$mydomain, $mydomain
mydomain = belfin.reinach
myhostname = mx.belfin.reinach
mynetworks = 10.0.0.0/24, 127.0.0.0/8
program_directory = /usr/lib/postfix
queue_directory = /var/spool/postfix
relocated_maps = hash:/etc/postfix/relocated
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_sender_restrictions = hash:/etc/postfix/access
transport_maps = hash:/etc/postfix/transport
virtual_maps = hash:/etc/postfix/virtual
Version: 20001212-4
Version should not be an issue cause header_checks for MIME encoded mails works wonderfully (for
testing it's disabled right now). For UUENCODE e-mails regexp in body_checks does not work.
Philipp
> -----Ursprungliche Nachricht-----
> Von: stephane parenton [mailto:sparenton@xxxxxxxxxxx]
> Gesendet: Freitag, 5. Oktober 2001 09:37
> An: Philipp Snizek
> Cc: suse-security@xxxxxxxx
> Betreff: Re: [suse-security] postfix regexp in body_checks
>
>
> Philipp Snizek wrote:
> >
> > Hi,
> >
> > I hope I hit the right list with my request. I'm trying to
> set up a filter for postfix to filter
> > malicious stuff like all windows executables. For MIME
> encoded headers I had no problem, this works
> > fine. But if the header is uuencode, the attachment is only
> visible in the e-mail's body. I tried a
> > regexp like /.*\.(bat|exe|cmd|vbs|vba)/ REJECT in
> /etc/postfix/body_checks which should filter all
> > *.bat|and so on. But nothing at all happens. Mails go thru
> as if there wasn't an obstacle.
> >
> > If there is some postfix & regexp pro on this list, please
> tell me what I am doing wrong.
>
> I'm not a pro, but I've been testing this a while so maybe I can help
> you. First of all, what version of postfix do you use ?... if it's an
> old version, the body & header checks were not usable... tell
> me what is
> your snapshot #.
>
| < Previous | Next > |