{"id":673,"date":"2017-01-29T18:55:39","date_gmt":"2017-01-29T16:55:39","guid":{"rendered":"http:\/\/helia.ee\/koolitus\/?page_id=673"},"modified":"2017-01-29T18:55:39","modified_gmt":"2017-01-29T16:55:39","slug":"debian-8-postfix-mail-server-block-bat-exe-com-vbs-mime-attachments","status":"publish","type":"page","link":"https:\/\/helia.ee\/koolitus\/?page_id=673","title":{"rendered":"Debian 8 &#8211; Postfix mail server block .bat, .exe .com .vbs mime attachments"},"content":{"rendered":"<div class=\"headline_area\">\n<h1 class=\"headline\">Postfix mail server block .bat, .exe .com .vbs mime attachments \u2013 common virus spreading files<\/h1>\n<div class=\"byline small\"><\/div>\n<\/div>\n<div class=\"post_content\">\n<p>Postfix provides Mime header check for all incoming messages. You can put restrictions on .exe \/ .bat \/ .vbs files and block all attachments.<\/p>\n<p><center><ins class=\"adsbygoogle\" data-ad-client=\"ca-pub-7825705102693166\" data-ad-slot=\"8594278667\" data-adsbygoogle-status=\"done\"><ins id=\"aswift_0_expand\"><ins id=\"aswift_0_anchor\"><\/ins><\/ins><\/ins><\/center>mime_header_checks directive allows you to define file, you will place a restriction for any file extensions that you do not want to have passing through your mail sever system.<\/p>\n<p>On most mail server the first thing that needs to be done is to enable header checks and block dangerous files.<\/p>\n<h3>Define mine header checks<\/h3>\n<p>Open main.cf file:<br \/>\n<code># vi \/etc\/postfix\/main.cf<\/code><br \/>\nAppend \/ set mime_header_checks directive as follows:<br \/>\n<code>mime_header_checks = regexp:\/etc\/postfix\/mime_header_checks<\/code><\/p>\n<p>Save and close the file.<\/p>\n<h3>Block attachments<\/h3>\n<p>Now open \/etc\/postfix\/mime_header_checks file:<br \/>\n<code># vi \/etc\/postfix\/mime_header_checks<\/code><br \/>\nAppend following line:<br \/>\n<code>\/name=[^&gt;]*\\.(bat|com|exe|dll|vbs)\/ REJECT<\/code><br \/>\nSave and close the file.<\/p>\n<h3>Restart postfix<\/h3>\n<p>First create postfix lookup table for mime_header_checks file:<br \/>\n<code># \/etc\/init.d\/postfix restart<\/code><\/p>\n<h3>Watch log file<\/h3>\n<p>You should see rejected mail log in \/var\/log\/maillog file:<br \/>\n<code># tail -f \/var\/log\/maillog<\/code><br \/>\nOutput:<\/p>\n<pre>Jun 20 14:28:06 server postfix\/smtpd[5442]: connect from web31601.mail.mud.yahoo.com[68.142.198.147]\r\nJun 20 14:28:07 server postfix\/smtpd[5442]: 245F913906EE: client=web31601.mail.mud.yahoo.com[68.142.198.147]\r\nJun 20 14:28:07 server postfix\/cleanup[5492]: 245F913906EE: message-id=&lt;274995.40473.qm@web31601.mail.mud.yahoo.com&gt;\r\nJun 20 14:28:07 server postfix\/cleanup[5492]: 245F913906EE: reject: header Content-Type: application\/x-msdos-program; name=\"updatebankdetails.bat\" from web31601.mail.mud.yahoo.com[68.142.198.147]; from=&lt;xxxxxxxx@yahoo.com&gt; to=&lt;myuser@mydomain.com&gt; proto=SMTP helo=: Message content rejected<\/pre>\n<p>For more information please read postfix and header_checks man page.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Postfix mail server block .bat, .exe .com .vbs mime attachments \u2013 common virus spreading files Postfix provides Mime header check for all incoming messages. You can put restrictions on .exe \/ .bat \/ .vbs files and block all attachments. mime_header_checks directive allows you to define file, you will place a restriction for any file extensions [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":621,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"class_list":["post-673","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/pages\/673","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=673"}],"version-history":[{"count":1,"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/pages\/673\/revisions"}],"predecessor-version":[{"id":674,"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/pages\/673\/revisions\/674"}],"up":[{"embeddable":true,"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/pages\/621"}],"wp:attachment":[{"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=673"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}