If you use postfix and / or amavisd-new on the mail server, you can use the following recipes to block emails with executable (exe, bat, scr) attachments.

Block the attachments with a postfix header filter

In ISPConfig, click on "Email in the upper menu, then on "Content filter" in the left menu and click on the "Add new content filter" button. Enter the following details:

Filter:

MIME-Header Filter

Regexp. Pattern:

/^Content-(Disposition|Type).*name\s*=\s*"?(.*\.(bat|exe|scr))(\?=)?"?\s*(;|$)/x

Data:

File extension is blacklisted on this server

Action:

DISCARD

Use amavisd-new to block the emails with executable attachments.

Edit the amavisd configuration file (/etc/amavisd.conf or /etc/amavisd/amavisd.conf)

vi /etc/amavisd/amavisd.conf

and add the following lines:

$banned_filename_re = new_RE(
qr'.\.(bat|exe|scr)$'i,
qr'^\.(exe|zip|lha|tnef)$'i,
);

then restart amavisd-new:

/etc/init.d/amavis restart

Tagged on:

5 thoughts on “Blocking .exe attachments with postfix or amavisd-new and ISPConfig 3

  • January 11, 2010 at 9:12 am
    Permalink

    .com files should be blocked too.

    Reply
  • April 27, 2011 at 7:57 pm
    Permalink

    How do you block and send an email only to the recipient? and forward the block email to a specific address like remove@mydomain.com.

    Reply
  • April 23, 2014 at 4:01 pm
    Permalink

    Hi, Is it really a file type blocking or only a file extension one?
    I mean in both postfix and amavis-new…

    Thanks

    Reply
  • February 11, 2016 at 10:48 am
    Permalink

    i tried to block *.zip, *bat and *.exe using this:

    /^Content-(Disposition|Type).*name\s*=\s*”?(.*\.(zip|bat|exe))(\?=)?”?\s*(;|$)/x

    but it’s not working as clients still can receive attached zip files.

    Reply
    • February 17, 2016 at 6:03 pm
      Permalink

      the same. mime header filter not work

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*