Re: [gentoo-server] Mailscanner or amavisd-new

[Pandu Poluan <pandu@poluan.info>]

[-- Attachment #1: Type: text/plain, Size: 1768 bytes --]

On Nov 29, 2011 9:10 PM, "J. Roeleveld" <joost@antarean.org> wrote:
>
> On Tue, November 29, 2011 2:36 pm, Pandu Poluan wrote:
> > On Nov 29, 2011 8:25 PM, "Vinícius Ferrão"
> > <viniciusferrao@cc.if.ufrj.br>
> > wrote:
> >>
> >> Agreed.
> >>
> >> Filtering Windows executables will only make the system admin to be
> > recognized as an asshole and windows-hater.
> >>
> >> On Nov 29, 2011, at 10:11 AM, J. Roeleveld wrote:
> >>
> >> > On Mon, November 28, 2011 7:27 pm, Mișu Moldovan wrote:
> >> > <SNIPPED>
> >> >> Also, a good idea is to block
> >> >> extensions such as exe, pif, bat (in zip files also) before scanning
> >> >> for viruses (if such a scan is really needed).
> >> >
> >> > I disagree. There are valid reasons to send "*.exe" and "*.bat" files
> > via
> >> > email. Braindead filters on extensions only cause problems.
> >> >
> >
> > With my current setup, I already block .exe, .pif, .com, .lnk, .scr, and
> > their ilks.
> >
> > But I do allow .zip and .rar, though.
>
> Do you have a good reason to block on extensions?
> Virus-scanners work quite nicely already and are not fooled by changing
> the extensions.
>
> I have received viruses where the email contained instructions to change
> the extension to .exe. Filtering on extension will not stop those.
>

Because some other mail servers reject those files, and my lusers are too,
uh, intelligence-challenged to understand the simple error message returned
by the receiving server. Some are even so brain-dead to totally ignore any
server error message.

So, I outright block those attachments. Now, offending emails got rejected
during SMTP submission, and the lusers have to take action instead of
ignoring the issue.

Rgds,

[-- Attachment #2: Type: text/html, Size: 2364 bytes --]