
Re: [Erlug] Fake Microsoft mails && postfix

To: erlug@xxxxxxxxxxxxxx
Subject: Re: [Erlug] Fake Microsoft mails && postfix
From: Maurizio Lemmo - Tannoiser <tann@xxxxxxxxx>
Date: Sat, 20 Sep 2003 11:47:21 +0200
* Friday 19 September 2003, at 23:08, Guido Bolognesi [ Zen ] writes:
>       My personal solution has long been to filter "harmful"
>       attachments (.exe, .com, .scr...) directly at the SMTP level,
>       so I don't even have to check whether it's spam. On top of
>       that it educates the users, hehe.
>       
>       in main.cf
>       header_checks = regexp:/etc/postfix/header_checks
> 
>       the header_checks file contains lines like
>       /Content.*\.vbs/        REJECT vbs not allowed.

Yep. The real problem with this solution is:

- it doesn't work for those who fetch their mail with fetchmail (well,
  it does work, in the sense that they don't receive it, and yet...)

- either you expand the regexes really well, or you're bound to let a
  lot slip through, between: the various kinds of crap to filter,
  malformed multiparts (not on a single line... there's a *splendid* <g>
  mail client that does this..) and stuff like that.

Which is why, rather than using header_checks, I recommend and use
sanitizer.

Description: The Anomy Mail Sanitizer - an email virus scanner
 The Anomy sanitizer is what most people would call "an email virus scanner".
 That description is not totally accurate, but it does cover one of the more
 important jobs that the sanitizer can do for you - it can scan email
 attachments for viruses. Other things it can do:
 .
 Disable potentially dangerous HTML code, such as javascript, within
 incoming email.
 .
 Protect you from email-based break-in attempts which exploit bugs in
 common email programs (Outlook, Eudora, Pine, ...).
 .
 Block or "mangle" attachments based on their file names. This way if you
 don't *need* to receive e.g. visual basic scripts, then you don't have to
 worry about the security risk they imply (the ILOVEYOU virus was a
 visual basic program). This lets you protect yourself and your users
 from whole classes of attacks, without relying on complex, resource
 intensive and outdated virus scanning solutions.


-- 
                          Maurizio - Tannoiser - Lemmo
                 Founder Member of ERLUG http://erlug.linux.it
-------------------------------------------------------------------------------
"How can I tell that the past isn't a fiction designed to account for
 the discrepancy between my immediate physical sensations and my state
 of mind?" - RAEU
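
An added example, not part of the original message and not code from Postfix or Anomy: it contrasts the quoted pattern applied one physical line at a time (a simplified model of a line-based filter, not Postfix's own matcher) with a MIME-aware check on attachment file names. The sample message, the addresses and the function names are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample: the attachment name sits on a folded continuation line.
SAMPLE = """\
From: sender@example.org
To: user@example.org
Subject: constructed test message
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

hello
--b1
Content-Type: application/octet-stream;
\tname="update.vbs"
Content-Disposition: attachment;
\tfilename="update.vbs"

placeholder
--b1--
"""

BLOCKED = {".exe", ".com", ".scr", ".vbs"}  # extensions named in the thread
NAIVE = re.compile(r"Content.*\.vbs")        # the pattern quoted in the thread

def naive_line_match(raw):
    """Apply the quoted pattern to each physical line of the message."""
    return any(NAIVE.search(line) for line in raw.splitlines())

def blocked_attachments(raw):
    """Parse the MIME tree and return attachment names with a blocked extension."""
    hits = []
    for part in message_from_string(raw).walk():
        # get_filename() unfolds the header, reads filename= and falls back to name=
        name = part.get_filename()
        if name and any(name.lower().rstrip(". ").endswith(ext) for ext in BLOCKED):
            hits.append(name)
    return hits

if __name__ == "__main__":
    print("line-based regex matched:", naive_line_match(SAMPLE))
    print("MIME-aware check found:", blocked_attachments(SAMPLE))
```
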
