exim Block virus file extension in attach zip file
Update ຫລ້າສຸດ
ຫາກທ່ານມີ exim.easy_spam_fighter
ໃນ /etc/exim.easy_spam_fighter/exim_check_attachment.sh ສາມາດກຳນົດໄດ້ເລີຍ
ເນື່ອງຈາກວ່າ ໄວຣັດເມລ ກຳລັງລະບາດຫນັກ ແລະ ປ້ອງກັນໄວຣັດກໍຍັງຈັບບໍ່ໄດ້
ເລີຍຫາວິທີຂຽນ Script ໃຫ້ມັນກວດໄຟລແນບທີ່ສົ່ງຜ່ານເມວ
ໃນ exim.conf ທາງກ້ອງຂອງ “check_message:” ເພີ່ມດັ່ງນີ້
# check attachment
deny
message = This message contains an attachment of a type which we do not accept (.$found_extension)
demime = bat:btm:cmd:com:cpl:dll:exe:lnk:msi:pif:prf:reg:scr:vbs:url
# check attachment inside zip file
deny
message = Attachment has unsupported file format inside zip file
log_message = File extension rejected.
demime = zip
condition = ${run{/bin/sh -c '/usr/local/sbin/exim_check_zip.sh $message_exim_id'}{0}{1}}
ແລ້ວກໍສ້າງ shell ໃຫ້ມັນ ກວດໄຟລ zip
nano /usr/local/sbin/exim_check_zip.sh
ແລະ ເພີ່ມຄຳສັ່ງລົງໄປດັ່ງນີ້ :
#/bin/bash
cd "/var/spool/exim/scan/${1}"
for i in $( ls | egrep -i '[.]zip' )
do
if [ $( unzip -l "${i}" | \
tail -n +4 |head -n -2 | \
egrep -i '[.](bat|btm|cmd|com|cpl|dat|dll|exe|lnk|msi|pif|prf|reg|scr|vb|vbs|url|zip|js)$' | \
wc -l ) -gt 0 ]
then
exit 1
fi
done
exit 0
ໃຫ້ສິດໃນການ Execute
chmod +x /usr/local/sbin/exim_check_zip.sh
ຈາກນັ້ນກໍສັ່ງ restart exim
/etc/init.d/exim retart
ຫລັງຈາກສຳເລັດແລ້ວ ກໍຈະເຫັນວ່າ ຫາກມີການແນບໄວຣັສມາ ກໍຈະມີການຕີກັບໄປຫາຜູ້ສົ່ງ ບອກວ່າໄຟລບໍ່ສະຫນັບສະຫນູນ
Mailog
