≡ Menu


Richard Stallman Attacks On Proprietary Software Vendors

Richard Stallman, founder of the Free Software Foundation published an interesting article on BBC news website. From the article:

To pay so much attention to Bill Gates' retirement is missing the point. What really matters is not Gates, nor Microsoft, but the unethical system of restrictions that Microsoft, like many other software companies, imposes on its customers. But Gates didn't invent proprietary software, and thousands of other companies do the same thing. It's wrong, no matter who does it.

Microsoft, Apple, Adobe, and the rest, offer you software that gives them power over you. A change in executives or companies is not important. What we need to change is this system.

That's what the free software movement is all about. "Free" refers to freedom: we write and publish software that users are free to share and modify.

=> It's not the Gates, it's the bars

Postfix provides Mime header check for all incoming messages. You can put restrictions on .exe / .bat / .vbs files and block all attachments.

mime_header_checks directive allows you to define file, you will place a restriction for any file extensions that you do not want to have passing through your mail sever system.

On most mail server the first thing that needs to be done is to enable header checks and block dangerous files.

Define mine header checks

Open main.cf file:
# vi /etc/postfix/main.cf
Append / set mime_header_checks directive as follows:
mime_header_checks = regexp:/etc/postfix/mime_header_checks

Save and close the file.

Block attachments

Now open /etc/postfix/mime_header_checks file:
# vi /etc/postfix/mime_header_checks
Append following line:
/name=[^>]*\.(bat|com|exe|dll|vbs)/ REJECT
Save and close the file.

Restart postfix

First create postfix lookup table for mime_header_checks file:
# /etc/init.d/postfix restart

Watch log file

You should see rejected mail log in /var/log/maillog file:
# tail -f /var/log/maillog

Jun 20 14:28:06 server postfix/smtpd[5442]: connect from web31601.mail.mud.yahoo.com[]
Jun 20 14:28:07 server postfix/smtpd[5442]: 245F913906EE: client=web31601.mail.mud.yahoo.com[]
Jun 20 14:28:07 server postfix/cleanup[5492]: 245F913906EE: message-id=<274995.40473.qm@web31601.mail.mud.yahoo.com>
Jun 20 14:28:07 server postfix/cleanup[5492]: 245F913906EE: reject: header Content-Type: application/x-msdos-program; name="updatebankdetails.bat" from web31601.mail.mud.yahoo.com[]; from= to= proto=SMTP helo=: Message content rejected

For more information please read postfix and header_checks man page.