|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
January 27th, 2004, 08:40 AM
|
|||
|
|||
|
Sendmail & How to reject mail with executable attachments
Hello-
Recently I've been getting a lot of mail with attatchments "test.scr" and "appl.exe", a few of which have been identified as viruses. I'm wondering if there is any way to tell sendmail to reject any email containing an executable attatchment. The following was returned from another machine, as my outlook has apparently delivered to my address book. --> This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: adam@thewatchdesk.com This message has been rejected because it has a potentially executable attachment "test.scr" This form of attachment has been used by recent viruses or other malware. If you meant to send this file then please package it up as a zip file and resend it. ------ This is a copy of the message, including all the headers. ------ Return-path: <jbruns@webdevsol.com> Received: from [24.53.186.180] (helo=webdevsol.com) by fhh.firehousehosting.com with esmtp (Exim 4.24) id 1AlU4p-0004PI-BQ for adam@thewatchdesk.com; Tue, 27 Jan 2004 09:20:27 -0500 From: jbruns@webdevsol.com To: adam@thewatchdesk.com Subject: Error Date: Tue, 27 Jan 2004 09:18:59 -0500 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0006_70F4F082.659BE0AC" X-Priority: 3 X-MSMail-Priority: Normal Message-Id: <E1AlU4p-0004PI-BQ@fhh.firehousehosting.com> This is a multi-part message in MIME format. ------=_NextPart_000_0006_70F4F082.659BE0AC Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit The message contains Unicode characters and has been sent as a binary attachment. ------=_NextPart_000_0006_70F4F082.659BE0AC Content-Type: application/octet-stream; name="test.scr" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="test.scr" TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUEUA AEwBAwAAAAAAAAAAAAAAAADgAA8BCwEHAABQAAAAEAAAAGAAAGC+AAAAcAAAAMAAAAAASgAAEAAA AAIAAAQAAAAAAAAABAAAAAAAAAAA0AAAABAAAAAAAAACAAAAAAAQAAAQAAAAABAAABAAAAAAAAAQ AAAAAAAAAAAAAADowQAAMAEAAADAAADoAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
|
|
#2
January 28th, 2004, 03:20 PM
|
||||
|
||||
|
I've no idea how to do it with sendmail, but it's trivial to do with qmail:
http://www.qmail.org/qmail-smtpd-viruscan-1.3.patch
__________________
Alex (http://www.alex-greg.com)
|
|
#3
February 4th, 2004, 03:46 PM
|
||||
|
||||
|
Look into procmail for mail filtering.
 Chris
__________________
Pop, pop, fizz, fizz, oh what a relief it is!
|
|
#4
February 13th, 2004, 08:31 PM
|
|||
|
|||
|
A cure
I've installed the E-mail Sanitizer. It's an easy setup and the attachments are completely user configurable. Also, you can do a bit of AV filtering if you like.
The program can be found on http://www.impsec.org/email-tools/p...l-security.html It runs through an easy and basic procmail system.
|
|
| Viewing: Dev Shed Forums > System Administration > Mail Server Help > Sendmail & How to reject mail with executable attachments |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
