← Back to branch summary

~ubuntu-branches/ubuntu/maverick/postfix/maverick-security

~ubuntu-branches/ubuntu/maverick/postfix/maverick-security

« back to all changes in this revision

Viewing changes to conf/header_checks

Committer: Bazaar Package Importer
Author(s): LaMont Jones, Wietse Venema, LaMont Jones
Date: 2009-06-03 14:17:08 UTC
mfrom: (1.1.22 upstream)
Revision ID: james.westby@ubuntu.com-20090603141708-o9u59xlor7nmd2x1

[Wietse Venema]

* New upstream release: 2.6.2~rc1

[LaMont Jones]

* move postfix-add-{filter,policy} manpages to section 8, and deliver
* provide: default-mta on ubuntu

files added:
README_FILES/MULTI_INSTANCE_README

RELEASE_NOTES-2.5

TLS_TODO

conf/postfix-wrapper

conf/postmulti-script

debian/postfix-add-filter.8

debian/postfix-add-policy.8

html/MULTI_INSTANCE_README.html

html/postfix-wrapper.5.html

html/postmulti.1.html

man/man1/postmulti.1

man/man5/postfix-wrapper.5

mantools/check-postlink

proto/MULTI_INSTANCE_README.html

proto/postfix-wrapper

src/cleanup/cleanup_milter.in13a

src/cleanup/cleanup_milter.in13b

src/cleanup/cleanup_milter.in13c

src/cleanup/cleanup_milter.in13d

src/cleanup/cleanup_milter.ref13a

src/cleanup/cleanup_milter.ref13b

src/cleanup/cleanup_milter.ref13c

src/cleanup/cleanup_milter.ref13d

src/cleanup/test-queue-file13a

src/cleanup/test-queue-file13b

src/cleanup/test-queue-file13c

src/cleanup/test-queue-file13d

src/global/mail_conf_nint.c

src/global/match_service.c

src/global/match_service.h

src/master/master_watch.c

src/postmulti

src/postmulti/.indent.pro

src/postmulti/Makefile.in

src/postmulti/postmulti.c

src/smtpd/smtpd_resolve.c

src/smtpd/smtpd_resolve.h

src/util/edit_file.c

src/util/edit_file.h

src/util/inet_windowsize.c

files removed:
debian/postfix-add-filter.1

debian/postfix-add-policy.1

files modified:
.indent.pro

HISTORY

Makefile.in

README_FILES/AAAREADME

README_FILES/ADDRESS_REWRITING_README

README_FILES/ADDRESS_VERIFICATION_README

README_FILES/BUILTIN_FILTER_README

README_FILES/DEBUG_README

README_FILES/FILTER_README

README_FILES/MILTER_README

README_FILES/NFS_README

README_FILES/OVERVIEW

README_FILES/PACKAGE_README

README_FILES/SCHEDULER_README

README_FILES/SMTPD_ACCESS_README

README_FILES/SMTPD_POLICY_README

README_FILES/STANDARD_CONFIGURATION_README

README_FILES/STRESS_README

README_FILES/TLS_LEGACY_README

README_FILES/TLS_README

README_FILES/TUNING_README

README_FILES/XFORWARD_README

RELEASE_NOTES

auxiliary/name-addr-test/getaddrinfo.c

conf/access

conf/header_checks

conf/post-install

conf/postfix-files

conf/postfix-script

conf/transport

debian/changelog

debian/control

debian/po/eu.po

debian/rules

html/ADDRESS_REWRITING_README.html

html/ADDRESS_VERIFICATION_README.html

html/BASIC_CONFIGURATION_README.html

html/BUILTIN_FILTER_README.html

html/DEBUG_README.html

html/DSN_README.html

html/FILTER_README.html

html/IPV6_README.html

html/MAILDROP_README.html

html/MILTER_README.html

html/Makefile.in

html/NFS_README.html

html/OVERVIEW.html

html/PACKAGE_README.html

html/SCHEDULER_README.html

html/SMTPD_ACCESS_README.html

html/SMTPD_POLICY_README.html

html/STANDARD_CONFIGURATION_README.html

html/STRESS_README.html

html/TLS_LEGACY_README.html

html/TLS_README.html

html/TUNING_README.html

html/UUCP_README.html

html/VERP_README.html

html/XFORWARD_README.html

html/access.5.html

html/anvil.8.html

html/bounce.5.html

html/bounce.8.html

html/cleanup.8.html

html/defer.8.html

html/discard.8.html

html/error.8.html

html/flush.8.html

html/header_checks.5.html

html/index.html

html/lmtp.8.html

html/local.8.html

html/mailq.1.html

html/master.8.html

html/mysql_table.5.html

html/newaliases.1.html

html/oqmgr.8.html

html/pcre_table.5.html

html/pickup.8.html

html/pipe.8.html

html/postalias.1.html

html/postconf.1.html

html/postconf.5.html

html/postdrop.1.html

html/postfix-logo.jpg

html/postfix-manuals.html

html/postfix.1.html

html/postlog.1.html

html/postmap.1.html

html/postqueue.1.html

html/postsuper.1.html

html/qmgr.8.html

html/qmqpd.8.html

html/scache.8.html

html/sendmail.1.html

html/showq.8.html

html/smtp-sink.1.html

html/smtp-source.1.html

html/smtp.8.html

html/smtpd.8.html

html/spawn.8.html

html/tlsmgr.8.html

html/trace.8.html

html/transport.5.html

html/trivial-rewrite.8.html

html/verify.8.html

html/virtual.8.html

makedefs

man/Makefile.in

man/man1/postalias.1

man/man1/postconf.1

man/man1/postdrop.1

man/man1/postfix.1

man/man1/postlog.1

man/man1/postmap.1

man/man1/postqueue.1

man/man1/postsuper.1

man/man1/sendmail.1

man/man1/smtp-sink.1

man/man1/smtp-source.1

man/man5/access.5

man/man5/bounce.5

man/man5/header_checks.5

man/man5/mysql_table.5

man/man5/pcre_table.5

man/man5/postconf.5

man/man5/transport.5

man/man8/anvil.8

man/man8/bounce.8

man/man8/cleanup.8

man/man8/discard.8

man/man8/error.8

man/man8/flush.8

man/man8/local.8

man/man8/master.8

man/man8/oqmgr.8

man/man8/pickup.8

man/man8/pipe.8

man/man8/qmgr.8

man/man8/qmqpd.8

man/man8/scache.8

man/man8/showq.8

man/man8/smtp.8

man/man8/smtpd.8

man/man8/spawn.8

man/man8/tlsmgr.8

man/man8/trivial-rewrite.8

man/man8/verify.8

man/man8/virtual.8

mantools/fixman

mantools/postconf2man

mantools/postlink

postfix-install

proto/ADDRESS_REWRITING_README.html

proto/ADDRESS_VERIFICATION_README.html

proto/BUILTIN_FILTER_README.html

proto/DEBUG_README.html

proto/FILTER_README.html

proto/MILTER_README.html

proto/Makefile.in

proto/NFS_README.html

proto/OVERVIEW.html

proto/PACKAGE_README.html

proto/SCHEDULER_README.html

proto/SMTPD_ACCESS_README.html

proto/SMTPD_POLICY_README.html

proto/STANDARD_CONFIGURATION_README.html

proto/STRESS_README.html

proto/TLS_LEGACY_README.html

proto/TLS_README.html

proto/TUNING_README.html

proto/XFORWARD_README.html

proto/access

proto/bounce

proto/header_checks

proto/mysql_table

proto/pcre_table

proto/postconf.proto

proto/transport

src/anvil/anvil.c

src/bounce/bounce.c

src/bounce/bounce_notify_service.c

src/bounce/bounce_notify_util.c

src/bounce/bounce_notify_verp.c

src/bounce/bounce_one_service.c

src/bounce/bounce_trace_service.c

src/bounce/bounce_warn_service.c

src/cleanup/Makefile.in

src/cleanup/cleanup.c

src/cleanup/cleanup.h

src/cleanup/cleanup_addr.c

src/cleanup/cleanup_envelope.c

src/cleanup/cleanup_extracted.c

src/cleanup/cleanup_init.c

src/cleanup/cleanup_message.c

src/cleanup/cleanup_milter.c

src/cleanup/cleanup_milter.ref11

src/cleanup/cleanup_state.c

src/cleanup/test-queue-file11

src/discard/discard.c

src/dns/dns.h

src/dns/dns_lookup.c

src/dns/test_dns_lookup.c

src/error/error.c

src/flush/flush.c

src/fsstone/Makefile.in

src/fsstone/fsstone.c

src/global/Makefile.in

src/global/deliver_request.c

src/global/dict_ldap.c

src/global/dict_proxy.c

src/global/dsn_buf.c

src/global/header_opts.c

src/global/int_filt.c

src/global/int_filt.h

src/global/mail_conf.c

src/global/mail_conf.h

src/global/mail_copy.c

src/global/mail_open_ok.c

src/global/mail_params.c

src/global/mail_params.h

src/global/mail_version.h

src/global/namadr_list.in

src/global/namadr_list.ref

src/global/verp_sender.c

src/global/verp_sender.h

src/local/local.c

src/master/Makefile.in

src/master/mail_server.h

src/master/master.c

src/master/master.h

src/master/master_ent.c

src/master/master_vars.c

src/master/multi_server.c

src/master/single_server.c

src/master/trigger_server.c

src/milter/Makefile.in

src/milter/milter.c

src/milter/milter.h

src/milter/milter8.c

src/milter/test-milter.c

src/oqmgr/qmgr.c

src/oqmgr/qmgr_deliver.c

src/oqmgr/qmgr_message.c

src/oqmgr/qmgr_transport.c

src/pickup/pickup.c

src/pipe/pipe.c

src/postalias/postalias.c

src/postconf/Makefile.in

src/postconf/extract.awk

src/postconf/postconf.c

src/postdrop/postdrop.c

src/postfix/postfix.c

src/postlog/postlog.c

src/postmap/Makefile.in

src/postmap/postmap.c

src/postqueue/postqueue.c

src/postsuper/postsuper.c

src/qmgr/qmgr.c

src/qmgr/qmgr.h

src/qmgr/qmgr_deliver.c

src/qmgr/qmgr_entry.c

src/qmgr/qmgr_job.c

src/qmgr/qmgr_message.c

src/qmgr/qmgr_queue.c

src/qmgr/qmgr_transport.c

src/qmqpd/qmqpd.c

src/qmqpd/qmqpd.h

src/scache/scache.c

src/sendmail/sendmail.c

src/showq/showq.c

src/smtp/Makefile.in

src/smtp/lmtp_params.c

src/smtp/smtp.c

src/smtp/smtp.h

src/smtp/smtp_chat.c

src/smtp/smtp_connect.c

src/smtp/smtp_params.c

src/smtp/smtp_proto.c

src/smtp/smtp_rcpt.c

src/smtp/smtp_reuse.c

src/smtp/smtp_sasl_glue.c

src/smtp/smtp_sasl_proto.c

src/smtp/smtp_session.c

src/smtpd/Makefile.in

src/smtpd/smtpd.c

src/smtpd/smtpd.h

src/smtpd/smtpd_chat.c

src/smtpd/smtpd_check.c

src/smtpd/smtpd_check.in

src/smtpd/smtpd_check.in2

src/smtpd/smtpd_check.ref

src/smtpd/smtpd_check.ref2

src/smtpd/smtpd_dsn_fix.h

src/smtpd/smtpd_exp.in

src/smtpd/smtpd_exp.ref

src/smtpd/smtpd_milter.c

src/smtpd/smtpd_proxy.c

src/smtpd/smtpd_sasl_glue.c

src/smtpd/smtpd_sasl_glue.h

src/smtpd/smtpd_sasl_proto.c

src/smtpd/smtpd_state.c

src/smtpd/smtpd_xforward.c

src/smtpstone/smtp-sink.c

src/smtpstone/smtp-source.c

src/spawn/spawn.c

src/tls/Makefile.in

src/tls/tls.h

src/tls/tls_bio_ops.c

src/tls/tls_certkey.c

src/tls/tls_client.c

src/tls/tls_dh.c

src/tls/tls_misc.c

src/tls/tls_server.c

src/tls/tls_verify.c

src/tlsmgr/tlsmgr.c

src/trivial-rewrite/resolve.c

src/trivial-rewrite/trivial-rewrite.c

src/util/Makefile.in

src/util/argv.h

src/util/argv_split.c

src/util/auto_clnt.c

src/util/dict_pcre.ref

src/util/events.c

src/util/hex_quote.c

src/util/inet_connect.c

src/util/inet_listen.c

src/util/iostuff.h

src/util/myaddrinfo.h

src/util/name_mask.c

src/util/stream_send_fd.c

src/util/sys_defs.h

src/util/vstream.c

src/util/vstream.h

src/util/write_buf.c

src/verify/verify.c

src/virtual/virtual.c

src/xsasl/xsasl.h

src/xsasl/xsasl_client.c

src/xsasl/xsasl_cyrus_client.c

src/xsasl/xsasl_cyrus_server.c

src/xsasl/xsasl_dovecot_server.c

src/xsasl/xsasl_server.c

Show diffs side-by-side

added added

removed removed

conf/header_checks

358

358

#

359

359

# EXAMPLES

360

360

# Header pattern to block attachments with bad file name

361

# extensions.

361

# extensions. For convenience, the PCRE /x flag is speci-

362

# fied, so that there is no need to collapse the pattern

363

# into a single line of text. The purpose of the

364

# [[:xdigit:]] sub-expressions is to recognize Windows CLSID

365

# strings.

362

366

#

363

367

# /etc/postfix/main.cf:

364

# header_checks = regexp:/etc/postfix/header_checks

368

# header_checks = pcre:/etc/postfix/header_checks.pcre

365

369

#

366

# /etc/postfix/header_checks:

367

# /^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/

368

# REJECT Bad attachment file name extension: $2

370

# /etc/postfix/header_checks.pcre:

371

# /^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(

372

# ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|

373

# hlp|ht[at]|

374

# inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|

375

# \{[[:xdigit:]]{8}(?:-[[:xdigit:]]{4}){3}-[[:xdigit:]]{12}\}|

376

# ops|pcd|pif|prf|reg|sc[frt]|sh[bsm]|swf|

377

# vb[esx]?|vxd|ws[cfh]))(\?=)?"?\s*(;|$)/x

378

# REJECT Attachment name "$2" may not end with ".$4"

369

379

#

370

380

# Body pattern to stop a specific HTML browser vulnerability

371

381

# exploit.

Older »