Send .exe files

Thread: Send .exe files

Search this list only Search all lists
Send .exe files
Spain	2007-10-28 02:44:51
Hi all, ¿Is it possible to make a policy bank which permit the domain users to send .exe-like file but doesn't receive them? Afer all my last goal is make not permit the .exe-like file traffic in any direction (inbound/outbound) by default but permit the outbound in only few accounts. ¿Can I do it? ------------------------------------------------------------ ------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ AMaViS-user mailing list AMaViS-userlists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amav is.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/ho wto/

Re: Send .exe files
Spain	2007-10-29 12:04:39
¿Nobody has idea? Well, I've done my own search... Maybe a good option is to stop .EXE recieved files in SMTP level (mime_header_checks if you use Postfix as I do) and permit to send .EXE from your own accounts at filter level (Amavisd-new, using bypass_banned policy). You'll get what I'm looking for: protect your accounts against .EXE files but permit your users to send these kind of executables. ------------------------------------------------------------ ------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ AMaViS-user mailing list AMaViS-userlists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amav is.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/ho wto/

Re: Send .exe files
	2007-10-29 14:12:51
On Mon, Oct 29, 2007 at 06:04:39PM +0100, Jordi Espasa Clofent wrote: > You'll get what I'm looking for: protect your accounts against .EXE > files but permit your users to send these kind of executables. What if the other (receiving) side has the same idea? What with .dll? .jar? Office documents that can contain macros? Perl, Python and the like? The list is endless... Rainer ------------------------------------------------------------ ------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ AMaViS-user mailing list AMaViS-userlists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amav is.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/ho wto/

Re: Send .exe files
Slovenia	2007-10-30 12:47:02
Jordi, > ¿Is it possible to make a policy bank which permit the domain users to > send .exe-like file but doesn't receive them? It is possible to have a policy bank to install its own set of banning rules, which allows for example for mail originating from inside to have less strict banning rules than incoming mail. Search for %banned_rules and banned_filename_maps in RELEASE_NOTES. See also: http://www.ijs.si/software/amavisd/amavisd-new-do cs.html#pbanks and examples there. Here is another example: %banned_rules = ( 'ALLOW_EXE' => # pass executables except if name ends in .vbs .pif .scr .bat new_RE( qr'..(vbs\|pif\|scr\|bat)$'i, [qr'^.exe$' => 0] ), 'NO-VIDEO' => new_RE( qr'^.movie$', qr'..(asf\|asx\|mpg\|mpe\|mpeg\|avi\|mp3\|wav\|wma\|wmf\|wmv\|mov\|vob) $'i, ), 'NO-MOVIES' => new_RE( qr'^.movie$', qr'..(mpg\|avi\|mov)$'i, ), 'DEFAULT' => $banned_filename_re, ); mynetworks = qw( ... ); # list your internal networks here $policy_bank{'MYNETS'} = { # mail originating from mynetworks banned_filename_maps => ['ALLOW_EXE,DEFAULT'], }; > Afer all my last goal is make not permit the .exe-like file traffic in > any direction (inbound/outbound) by default but permit the outbound in > only few accounts. ¿Can I do it? MTA will need to map these privileged accounts to a content filter port number, so that you could assign appropriate policy bank to it. The simplest would be to provide a separate smtpd postfix service for them (with its own -o content_filter setting), accessible only to these authorized accounts. Or perhaps a combination of check_sender_access with a FILTER, combined with an access restriction based on client's IP address or SASL authorization) could be used. Mark ------------------------------------------------------------ ------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ AMaViS-user mailing list AMaViS-userlists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amav is.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/ho wto/

Re: Send .exe files
Spain	2007-10-31 05:30:52
> MTA will need to map these privileged accounts to a content filter > port number, so that you could assign appropriate policy bank to it. > The simplest would be to provide a separate smtpd postfix service > for them (with its own -o content_filter setting), accessible > only to these authorized accounts. Or perhaps a combination of > check_sender_access with a FILTER, combined with an access restriction > based on client's IP address or SASL authorization) could be used. Useful info. ;) ------------------------------------------------------------ ------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ AMaViS-user mailing list AMaViS-userlists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amav is.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/ho wto/

[1-5]

about | contact Other archives ( Real Estate discussion Medical topics )