header .com check false positive

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

header .com check false positive

lists-3
I've struck a false positive problem rejecting email,
should reject on file extension '.com', but, rejected on a domain name as
below(1):

I think this is the rule ?:

# grep "may not end with" *head*

mime_headers.pcre:/^\s*Content-(Disposition|Type).*name\s*=\s*"?(.*\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|hlp|hta|inf|ins|isp|js|jse|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|nws|ops|pcd|pif|prf|reg|scf|scr\??|sct|shb|shs|shm|swf|vb[esx]?|vxd|wsc|wsf|wsh))(\?=)?"?\s*(;|$)/x
REJECT Attachment name "$2" may not end with ".$3"

main.cf:mime_header_checks = pcre:$config_directory/mime_headers.pcre

is there a better way, or should I remove 'com' from my definitions

thanks for any pointers,

V

(1)
Apr 12 09:29:28 emu postfix/cleanup[27379]: C7C7D5E198: reject: header
Content-Type:
image/jpeg;??name=1.jpg;??x-apple-part-url="[hidden email]"
from mail107.syd.optusnet.com.au[211.29.132.53]; from=<[hidden email]>
to=<[hidden email]> proto=ESMTP helo=<mail107.syd.optusnet.com.au>: 5.7.1
Attachment name
"1.jpg;??x-apple-part-url="[hidden email]"
may not end with ".com"

Apr 12 09:30:32 emu postfix/cleanup[27379]: E2AE95E1C1: reject: header
Content-Type:
image/jpeg;??name=1.jpg;??x-apple-part-url="[hidden email]"
from mail105.syd.optusnet.com.au[211.29.132.249]; from=<[hidden email]>
to=<[hidden email]> proto=ESMTP helo=<mail105.syd.optusnet.com.au>: 5.7.1
Attachment name
"1.jpg;??x-apple-part-url="[hidden email]"
may not end with ".com"



Reply | Threaded
Open this post in threaded view
|

Re: header .com check false positive

Wietse Venema
Voytek:
> Apr 12 09:29:28 emu postfix/cleanup[27379]: C7C7D5E198: reject: header
> Content-Type:
> image/jpeg;??name=1.jpg;??x-apple-part-url="[hidden email]"
> from mail107.syd.optusnet.com.au[211.29.132.53]; from=<[hidden email]>
> to=<[hidden email]> proto=ESMTP helo=<mail107.syd.optusnet.com.au>: 5.7.1
> Attachment name
> "1.jpg;??x-apple-part-url="[hidden email]"
> may not end with ".com"

Try the updated rule in http://www.postfix.org/header_checks.5.html.
This fixes the problem.

        Wietse