blocking attachments. Sanity check and testing

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

blocking attachments. Sanity check and testing

Joe Acquisto-j4
I'm revisiting blocking certain attachments.   A multi part question:  Implementation, logging, testing.

Seems the accepted way to do attachment blocking is something like this:

in /etc/postfix/main.cf  added, without quotes: "mime_header_checks = regexp:/etc/postfix/block_attachments"

in /etc/postfix/block_attachments added, without quotes: "/name=[^>]*\.(1|2|3)/ DISCARD"

I have read some discussions on DISCARD and, for my purpose, it suits.  I think.

Is the action logged anywhere?  I have not seen it. If not, can it be done?

Finally, I hope (if only to avoid further exposing my ignorance), what is a simple way to test the workings, preferably with
actual messages that have been received?





Reply | Threaded
Open this post in threaded view
|

Re: blocking attachments. Sanity check and testing

Joe Acquisto-j4
> I'm revisiting blocking certain attachments.   A multi part question:  
> Implementation, logging, testing.
>
> Seems the accepted way to do attachment blocking is something like this:
>
> in /etc/postfix/main.cf  added, without quotes: "mime_header_checks =
> regexp:/etc/postfix/block_attachments"
>
> in /etc/postfix/block_attachments added, without quotes:
> "/name=[^>]*\.(1|2|3)/ DISCARD"
>
> I have read some discussions on DISCARD and, for my purpose, it suits.  I
> think.
>
> Is the action logged anywhere?  I have not seen it. If not, can it be done?
>
> Finally, I hope (if only to avoid further exposing my ignorance), what is a
> simple way to test the workings, preferably with
> actual messages that have been received?

Well, never mind on the logging and by inference, all but the "test immediately" thing.

"discard" clearly shows in /var/log/mail.   When one removes cranium from posterior that is.


Reply | Threaded
Open this post in threaded view
|

Re: blocking attachments. Sanity check and testing

Wietse Venema
In reply to this post by Joe Acquisto-j4
Joe Acquisto-j4:
> I have read some discussions on DISCARD and, for my purpose, it suits.  I think.
>
> Is the action logged anywhere?  I have not seen it. If not, can it be done?

It is syslogged with the same syslog facility and severity "info"
as routine Postfix logging.

If you don't see logging, then the pattern did not match.

> Finally, I hope (if only to avoid further exposing my ignorance),
> what is a simple way to test the workings, preferably with actual
> messages that have been received?

Forward an existing message with a mail client.

        Wietse