file attachments for the domain only, and virtual mailbox size

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

file attachments for the domain only, and virtual mailbox size

David Mehler
Hello,

I've got two issues. The first is I'm blocking file attachments in the
mime_headers file below. I'd like to allow those attachments but only
for hosts within the domain, so for example [hidden email] can send
[hidden email] a word document.

The second issue is I'm running virtual users out of a mysql database.
I'd like to ensure that each virtual user's mailbox is no larger than
250MB in size. I'm not sure if the settings below allow this?

Thanks.
Dave.

header_checks = pcre:/usr/local/etc/postfix/header_checks,
regexp:/usr/local/etc/postfix/phish419.regexp
mime_header_checks = regexp:/usr/local/etc/postfix/mime_header_checks

# Virtual mailbox domains
virtual_mailbox_domains =
proxy:mysql:/usr/local/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps =
proxy:mysql:/usr/local/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps =
proxy:mysql:/usr/local/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:999
virtual_gid_maps = static:999
virtual_minimum_uid = 999
# Increase the virtual mailbox limit from 51 mb to 250 mb
virtual_mailbox_limit = 262144000
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

message_size_limit = 52428800
mailbox_size_limit = 52428800

header_checks:
# Reject spam from compromised accounts/hosts

/HELO User/ DISCARD Compromised host or account spam
/helo=User/ DISCARD Compromised host or account spam
/Received: from User /                                  DISCARD
Compromised host or account spam

/List-Id: <mfuom.yahoogroups.com>/ REJECT Spam

/Received: from 41(\.\d{1,3}){3}/ DISCARD Likely 419 spam injection
#/Recieved: from .*\[41(\.\d{1,3}){3}\]/         DISCARD Likely 419
spam injection
/Received: from .*[\[ ]41(\.\d{1,3}){3}[\]\)]/ DISCARD Likely 419
spam injection
#/Received: from .*(\[| )41(\.\d{1,3}){3}(\]|\))/ DISCARD Likely 419
spam injection
/Received: from .*82\.128\.[0-9]{1,3}\.[0-9]{1,3}]/ DISCARD Likely 419
spam injection
/Received: from .*\[202\.190\.[0-9]{1,3}\.[0-9]{1,3}]/  DISCARD Likely
419 spam injection
/Received: from .*aa([0-9]{1,3})msr\.fastwebnet\.it.*/ DISCARD Scam
/Received: from .*ebuy.*/ DISCARD Scam
/Received: from .*farm\.tech\.int\.digex\.com.*/ DISCARD Spam
/Received: from .*cloud-ips\.com/ DISCARD Cloud spam
/Received: from .*213\.134\.6\.29/ REJECT Spam
/Received: from .*ec-messenger\.com/ REJECT Spam
/Received: from .*63\.147\.29\.[0-9]{1,3}/ REJECT Spam source
/Received: from .*hostgator\.com/ DISCARD Likely Spam
/Received: from .*.aweber\.com/ DISCARD Likely spam

/X-Original-IP: .*\[41(\.\d{1,3}){3}\]/       DISCARD Likely 419 spam injection
/X-Originating-IP: .*\[41(\.\d{1,3}){3}\]/       DISCARD Likely 419
spam injection
/X-OriginatingIP: .*\[41(\.\d{1,3}){3}\]/ DISCARD Likely 419 spam injection
/X-OriginatingIP: 41\./ DISCARD Likely 419 spam injection
/X-Originating-IP: .*\[81(\.\d{1,3}){3}\]/              DISCARD Likely
419 spam injection
/X-Originating-IP: .*\[123(\.\d{1,3}){3}\]/     DISCARD Likely scam
/X-Originating-IP: .*124\.13\.[0-9]{1,3}\.[0-9]{1,3}/   DISCARD Likely scam
/X-Originating-IP: .*74\.115\.[0-7]\.[0-9]{1,3}/ DISCARD Likely scam
/X-Originating-IP: .*125\.45\.[0-9]{1,3\.[0-9]{1,3}/ DISCARD Likely spam
/X-OriginatingIP: .*82\.128\.[0-9]{1,3}\.[0-9]{1,3}]/ DISCARD Likely Phish
/X-Originating-IP: .*82\.128\.[0-9]{1,3}\.[0-9]{1,3}]/  DISCARD Likely Phish
/X-Originating-Email: \[[hidden email]\]/ DISCARD Nitwit

/From: .*Noel Butler.*/ DISCARD Noel Butler nitwit
/From: .*noel\.butler@ausics\.net.*/ DISCARD Noel Butler nitwit
/X-Envelope-Sender: noel\.butler@ausics\.net/           DISCARD Noel
Butler nitwit
/From: .*Nick Edwards.*/                                DISCARD Nick
Edwards nitwit
/From: .*nick\.z\.edwards@gmail\.com.*/ DISCARD Nick Edwards nitwit
/From: .*Wells Fargo.*/ REJECT Probable phish
/From: .*chase online.*/ REJECT Probable phish
/From: .*money.*/ DISCARD Scam
/From: Carmel <carmel_ny@hotmail\.com>/ DISCARD Nitwit
/From: .*mail.ru/ DISCARD Likely Russian spam
/From: .*lee@yun\.yagibdah\.de/ DISCARD Nitwit
/From: .*yahoogroups\.com/ REJECT Spam

/X-Barracuda-Connect: UNKNOWN/                          DISCARD rDNS
required here
/X-Mailer: SmartSend\.2\./ DISCARD Scam

/Return-Path: .*hotmail\.it.*/ DISCARD Likely spam
/Return-Path: .*asda\.com/ REJECT Spam
/Return-Path: .*[hidden email].*/ REJECT Probable phish
/Return-Path: .*[hidden email].*/ REJECT Probable phish

/Subject:.*western union.*/ DISCARD Scam
/Subject:.*magnum 4d.*/                                 DISCARD Scam
/Subject:.*winning formula.*/                           DISCARD Scam
/Subject:.*your mailbox.*/                              DISCARD Scam
/Subject:.*my will.*/ DISCARD probable phish
/Subject:.*chase.*online.*/ DISCARD probable phish
/Subject:.*won.*\$\d.*/ DISCARD probable phish
/Subject:.*win(ner|ing|ning|nning).*/ DISCARD probable phish
/Subject:.*beneficiary.*/ DISCARD probable phish
/Subject:.*free money.*/ DISCARD probable phish
/Subject:.*loan.*/ DISCARD probable phish
/Subject:.*grant award.*/ DISCARD probable phish
/Subject:.*d(egree|iploma).*/ REJECT Spam

/From:.*payment center.*/ DISCARD Scam
/From: .*@eBuy.*/                                DISCARD Scam
/From: .*Radio Tron.*/ DISCARD Spam

/Message-ID: .*squirrel@mail\.t-k\.ru.*/ DISCARD Scam
/Message-ID: .*webmail\.activ8\.net\.au.*/ DISCARD Scam

/Reply-to: .*msnzone\.cn.*/ DISCARD Scam
/Reply-To: .*@eBuy.*/ DISCARD Scam
/Reply-to: .*western.unit11@btinternet\.com.*/ DISCARD Scam
/Reply-to: d\.financialloan1@qualityservice\.com/ DISCARD Loan Spam
/Reply-To: [hidden email]/ REJECT Phish

# Fierce spammer
/From: Fierce/ DISCARD Go away spammer

# encoded subject line
/^Subject: =\?.{6,12}\?/ PREPEND X-Encoded-Subject: true


/^Received:/                 IGNORE
/^User-Agent:/               IGNORE
/^X-Mailer:/                 IGNORE
/^X-Originating-IP:/         IGNORE
/^x-cr-[a-z]*:/              IGNORE
/^Thread-Index:/             IGNORE


mime_header_checks:
/filename=\"?(.*)\.(bat|chm|cmd|com|do|exe|hta|jse|rm|scr|pif|vbe|vbs|vxd|xl)\"?$/
   REJECT For security reasons we reject attachments of this type
/^\s*Content-(Disposition|Type).*name\s*=\s*"?(.+\.(lnk|asd|hlp|ocx|reg|bat|c[ho]m|cmd|exe|dll|vxd|pif|scr|hta|jse?|sh[mbs]|vb[esx]|ws[fh]|wav|mov|wmf|xl))"?\s*$/
   REJECT Attachment type not allowed. File "$2" has the unacceptable
extension "$3"