Block Attachments in Postfix

One of our clients requested that we block specific email attachments that come in - their large network was starting to suffer under the storm of non-work emails flying around the office - funny video clips, songs, etc, etc. Not only that, several gullible people had infected their PCs with viruses and malware because they ran dodgy .exe files that managed to bypass the anti-virus filters.

Luckily, blocking specific mail attachments in Postfix is pretty straightforward and only takes a minute or two to set up.

What You’ll Need

1. Postifx

Step 1

First, we’ll need to activate the header checker in postfix. Make sure the mime_header_checks option is uncommented in main.cf and looks like this:

mime_header_checks = regexp:/etc/postfix/maps/mime_header_checks

Naturally, /etc/postfix/maps/mime_header_checks is the location of file that contains the info on the blocked attachments.

Step 2

Edit/create /etc/postfix/maps/mime_header_checks, then add in the following content:

/^\s*Content­(Disposition|Type).*name\s*=\s*"?(.+\.(mov|mpg|mpeg|avi|wmv))"?\s*$/
REJECT Files attached to emails that contain or end in "$3" are prohibited on this server as they may contain viruses. The file named "$2" was rejected

Naturally, the file types to be blocked go in the brackets containing ‘mov|mpg…’, and each one is seperated by a pipe. Also, Wordpress seems to sometimes make that first line appear as two - the part that begins and ends with ‘/’ must be on one line.

Restart Postfix, or get it to reload the configuration files, and there you have it! Whenever a forbidden file attachment is detected (based on the MIME type), it is removed and the message is added to the email information the recipient of this.