Ban attachments in messages
Email attachments are documents sent as part of an email message but that are not part of the body of the message. Sending attachments with an email offers an easy way to share small files with someone else, with a message explaining why they have been sent.
As a result of computer viruses and other malicious code which can be transmitted as email attachments, you can create rules that ban messages that contains attachments by file type.
Here it is an example of dangerous attachments:
ade, adp, app, bas, bat, chm, cmd, com, cpl, crt, csh, exe, fxp, hlp, hta, inf, ins, isp, js, jse, ksh, lnk, mdb, mde, mdt, mdw, msc, msi, msp, mst, ops, pcd, pif, prg, reg, scr, sct, shb, shs, url, vb, vbe, vbs, wsc, wsf, wsh, xml,
With Artica you can create several rules and apply some rules to groups.
In each rule, you can select attachments that are banned or/and attachments defined as whitelisted.
- On the left pan, choose Amavis.
The objective is:
- Create groups and add addresses and domains in groups.
- Create extensiosn rules and add banned/allowed extensions
- Link groups to extensions rules.
- Choose global settings tab and click on File content type checking icon.
- Click on New Group button and define a group name.
- Click on the added group link.
- Click on "New member" button in order to add addresses or domains to match.
- You can add email address such as "email@example.com" or full domains that match rule such as ".example.com".
For all domains or all address just add "." as pattern.
to import multiple values, separate them with a comma such as: .example.com,.example.org,firstname.lastname@example.org
- Click on rules tab.
- Click on New rule button and choose a banned extension rule name.
- Click on the link of the new added rule.
- Click on New item.
- Give file extensions you want to ban.
separate them by a space if you want to set more than obe extension: eg : exe com bat dll src ssh
- You can see a "Pass" column.
If an extension is enabled in Pass column it will be turned to "allowed" extension that means this specific extension is allowed from the rule.
After creating groups and rules, you need to click on "Compile rules" in order to reload service and build the configuration.