MailScanner allows you to block certain kinds of attachments based on their name or the content type.
Two configuration files are responsible for these settings, they are:
/etc/MailScanner/filename.rules.conf
and
/etc/MailScanner/filetype.rules.conf
Below is an example taken from filename.rules.conf:
# JKF 04/01/2005 More Microsoft security vulnerabilities
deny
\.bmp$ Windows bitmap file security
vulnerability
Possible buffer overflow in Windows
deny
\.ico$ Windows icon file
security
vulnerability
Possible buffer overflow in Windows
deny
\.ani$ Windows animated
cursor file security
vulnerability
Possible buffer overflow in Windows
deny
\.cur$ Windows cursor
file security
vulnerability
Possible buffer overflow in Windows
deny
\.hlp$ Windows help file
security
vulnerability
Possible buffer overflow in Windows
You can add,edit or remove
lines as you need to. Obviously if you would like to ALLOW a file which
is being blocked, you just need to change the " deny " to
read " allow ", save the file and restart MailScanner.
Below is an example taken from filetype.rules.conf:
#deny
MPEG
No MPEG movies No
MPEG movies allowed
#deny
AVI
No AVI
movies No
AVI movies allowed
#deny
MNG
No MNG/PNG movies No MNG movies
allowed
#deny
QuickTime No QuickTime
movies No QuickTime movies allowed
#deny
ASF
No Windows media No Windows
media files allowed
Again, you can add, edit or remove lines as needed. Just remember to restart MailScanner so the changes take effect.
Copyright, eNet Solutions 2006