Postfix mail server: block .bat, .exe, .com, .vbs MIME attachments – common virus-spreading files

December 18, 2007

Postfix provides MIME header checks for all incoming messages. You can put restrictions on .exe / .bat / .vbs files and block those attachments.

The mime_header_checks directive lets you name a lookup file in which you place restrictions on any file extensions that you do not want passing through your mail server.

On most mail servers the first thing that needs to be done is to enable header checks and block dangerous files.

Define MIME header checks

Open file:
# vi /etc/postfix/
Append or set the mime_header_checks directive as follows:
mime_header_checks = regexp:/etc/postfix/mime_header_checks

Save and close the file.

Block attachments

Now open the /etc/postfix/mime_header_checks file:
# vi /etc/postfix/mime_header_checks
Append the following line:
/name=[^>]*\.(bat|com|exe|dll|vbs)/ REJECT
Save and close the file.

Restart postfix

Restart Postfix so that it loads the mime_header_checks lookup table:
# /etc/init.d/postfix restart

Watch log file

You should see rejected mail logged in the /var/log/maillog file:
# tail -f /var/log/maillog

Jun 20 14:28:06 server postfix/smtpd[5442]: connect from[]
Jun 20 14:28:07 server postfix/smtpd[5442]: 245F913906EE:[]
Jun 20 14:28:07 server postfix/cleanup[5492]: 245F913906EE: message-id=<[email protected]>
Jun 20 14:28:07 server postfix/cleanup[5492]: 245F913906EE: reject: header Content-Type: application/x-msdos-program; name="updatebankdetails.bat" from[]; from= to= proto=SMTP helo=: Message content rejected

For more information, please read the postfix and header_checks man pages.
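
The pattern above is unanchored, so it also rejects names that merely contain one of the listed extensions. The following added example (not part of the original post) uses grep -Ei to emulate the regexp: table on constructed sample headers and compares the page's pattern with a tighter variant; STRICT_RE, verdict and report are assumptions introduced here.

```shell
#!/bin/sh
# Added example: emulate a Postfix regexp: table lookup with grep -E -i.
# regexp: tables use POSIX extended regular expressions and match
# case-insensitively by default, which is what grep -Ei does here.

# Pattern from the page, without the enclosing slashes.
PAGE_RE='name=[^>]*\.(bat|com|exe|dll|vbs)'

# Assumed tighter variant (not from the page): the match stays inside one
# name= value and the extension must be the last thing in the file name.
STRICT_RE='name="?[^";>]*\.(bat|com|exe|dll|vbs)("|;|[[:space:]]|$)'

# verdict PATTERN HEADER: print REJECT if the header matches, else PASS.
verdict() {
    if printf '%s\n' "$2" | grep -Eiq -- "$1"; then
        echo REJECT
    else
        echo PASS
    fi
}

# Print both verdicts for a set of constructed sample headers.
report() {
    printf '%-6s %-6s %s\n' PAGE STRICT HEADER
    while IFS= read -r hdr; do
        printf '%-6s %-6s %s\n' \
            "$(verdict "$PAGE_RE" "$hdr")" \
            "$(verdict "$STRICT_RE" "$hdr")" "$hdr"
    done <<'EOF'
Content-Type: application/x-msdos-program; name="updatebankdetails.bat"
Content-Type: application/octet-stream; name="SETUP.EXE"
Content-Type: application/octet-stream; name=run.vbs
Content-Type: application/pdf; name="acme.com-invoice.pdf"
Content-Disposition: attachment; filename="notes.dll.txt"
Content-Type: text/plain; name="a.txt"; x-origin=mail.example.com
EOF
}

report
```

To check the live table rather than this emulation, `postmap -q "<header line>" regexp:/etc/postfix/mime_header_checks` prints the action for a matching line.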

How a Web server actually works ~ with C source code

January 9, 2008

Do you wonder how to write a program that accepts incoming messages with a network socket? Have you ever just wanted your own Web server to experiment and learn with?

Have you ever wondered how a Web server actually works? Experiment with nweb — a simple Web server with only 200 lines of C source code. In this article, Nigel Griffiths provides a copy of this Web server and includes the source code as well. You can see exactly what it can and can’t do.

Well, look no further — nweb is what you need. This is a simple Web server that has only 200 lines of C source code. It runs as a regular user and can’t run any server-side scripts or programs, so it can’t open up any special privileges or security holes.

This article covers:

  • What the nweb server program offers
  • Summary of C functions featured in the program
  • Pseudo code to aid understanding of the flow of the code
  • Network socket system calls used and other system calls
  • How the client side operates
  • C source code

nweb only transmits the following types of files to the browser:

  • Static Web pages with extensions .html or .htm
  • Graphical images such as .gif, .png, .jpg, or .jpeg
  • Compressed binary files and archives such as .zip, .gz, and .tar

If your favorite static file type is not in this list, you can simply add it in the source code and recompile to allow it.

Read more at IBM developerworks