
I'm wondering if it is possible to block/reject emails with .doc or .docx attachments containing macros?

Is there any solution for postfix to be used in order to reject this kind of attachments?

Today I just received a file which is a type of ransomware, containing a macro:

Meanwhile I have checked it with olevba.py:

olevba 0.46 - http://decalage.info/python/oletools
Flags        Filename                                                         
-----------  -----------------------------------------------------------------
OpX:MASIHB-- /home/user/Desktop/490141.doc
===============================================================================
FILE: /home/user/Desktop/490141.doc
Type: OpenXML
-------------------------------------------------------------------------------
VBA MACRO ThisDocument.cls 
in file: word/vbaProject.bin - OLE stream: u'VBA/ThisDocument'
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

https://www.hybrid-analysis.com/sample/03ed8927e9af6357133afc3bd78f84b56e00977f062dd27d7fc4ec65eba1c104?environmentId=100

It would be great if this is possible to achieve.

Edit: As this is security relevant, I'm adding this here: Please see the below comment that one should block docm as well.

    Note that `docx` cannot run macros. To block macros that use the new office file format, you should block the `docm` extension. – Moshe Katz Aug 18 '17 at 02:43

1 Answer

This is possible via SpamAssassin, for example, which is

a mature, widely-deployed open source project that serves as a mail filter to identify Spam. SpamAssassin uses a variety of mechanisms including header and text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases. SpamAssassin runs on a server, and filters spam before it reaches your mailbox.

Either write your own plugin, which checks for the existence of macros inside these files (some common tips for writing plugins), or, maybe the better alternative, try something like this (and contribute back improvements and/or bug fixes). I'm not using the latter, so can't judge its quality.

  • I will check that one, forgot to mention that I'm also using spamassassin so that can be useful combination. – user134969 Aug 17 '17 at 23:44
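The answer's first option, a check for the existence of a VBA project inside the attachment, and Moshe Katz's point about .docm versus .docx both come down to the same thing: decide by the container's contents, not by the file extension. The olevba output in the question already hints at why (a file named .doc that is really OpenXML). Below is an added example of such a check in Python; it is not code from the answer, from SpamAssassin, from oletools or from Postfix. It parses the two container formats directly (the OLE2 directory for .doc/.xls/.ppt, the zip part list for .docx/.docm/.xlsm) and walks a raw RFC 822 message to report which attachments carry VBA. The sample files and the sample message are constructed in memory and are harmless; the OLE2 parser follows only the 109 DIFAT entries in the header, which covers files up to roughly 6.8 MB, and the hook into Postfix (a content_filter or milter) is not shown.

```python
"""Flag mail attachments carrying a VBA project, judged by content rather than
file extension (added example; not code from SpamAssassin, oletools or Postfix)."""
import io
import struct
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # OLE2 compound file (.doc/.xls/.ppt)
ZIP_MAGIC = b"PK\x03\x04"                         # OOXML zip (.docx/.docm/.xlsm, ...)
ENDOFCHAIN, FREESECT, FATSECT = 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFD

def _ole_directory_entries(data):
    """Yield (name, type) per allocated OLE2 directory entry (1=storage, 2=stream, 5=root).
    Follows only the 109 header DIFAT entries, i.e. files up to roughly 6.8 MB."""
    sector_size = 1 << struct.unpack_from("<H", data, 30)[0]
    first_dir = struct.unpack_from("<I", data, 48)[0]
    fat = []
    for i in range(109):
        sect = struct.unpack_from("<I", data, 76 + 4 * i)[0]
        if sect >= 0xFFFFFFFA:                     # no further FAT sectors
            break
        fat.extend(struct.unpack_from("<%dI" % (sector_size // 4), data, (sect + 1) * sector_size))
    sect, seen = first_dir, set()
    while sect < 0xFFFFFFFA and sect not in seen:  # walk the directory chain, loop-safe
        seen.add(sect)
        base = (sect + 1) * sector_size
        for off in range(base, base + sector_size, 128):
            name_len = struct.unpack_from("<H", data, off + 64)[0]
            etype = data[off + 66]
            if etype and name_len >= 2:            # skip unallocated entries
                yield data[off:off + name_len - 2].decode("utf-16-le", "replace"), etype
        sect = fat[sect] if sect < len(fat) else ENDOFCHAIN

def has_vba_macro(data):
    """True if the bytes are an Office container that carries a VBA project."""
    if data.startswith(ZIP_MAGIC):                 # OOXML: VBA lives in a vbaProject.bin part
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                return any(n.lower().endswith("vbaproject.bin") for n in zf.namelist())
        except zipfile.BadZipFile:
            return False
    if data.startswith(OLE_MAGIC):                 # OLE2: VBA storage or _VBA_PROJECT stream
        try:
            return any((t == 1 and n == "VBA") or (t == 2 and n == "_VBA_PROJECT")
                       for n, t in _ole_directory_entries(data))
        except (struct.error, IndexError):
            return False                           # truncated or malformed container
    return False

def macro_attachments(raw_message):
    """Filenames of every part of a raw RFC 822 message whose decoded body carries VBA."""
    hits = []
    for part in message_from_bytes(raw_message).walk():
        payload = part.get_payload(decode=True)    # None for multipart containers
        if payload and has_vba_macro(payload):
            hits.append(part.get_filename() or "<unnamed>")
    return hits

def _dir_entry(name, etype, child=FREESECT):
    """One 128-byte OLE2 directory entry (constructed sample data, not a real document)."""
    raw = name.encode("utf-16-le") + b"\x00\x00"
    e = bytearray(128)
    e[:len(raw)] = raw
    struct.pack_into("<HB", e, 64, len(raw), etype)
    struct.pack_into("<III", e, 68, FREESECT, FREESECT, child)
    struct.pack_into("<I", e, 116, ENDOFCHAIN)
    return bytes(e)

def build_sample_ole(with_vba):
    """Minimal OLE2 file: 512-byte header, FAT in sector 0, directory in sector 1."""
    hdr = bytearray(OLE_MAGIC.ljust(512, b"\x00"))
    struct.pack_into("<HHHHH", hdr, 24, 0x3E, 3, 0xFFFE, 9, 6)   # version, byte order, shifts
    struct.pack_into("<II", hdr, 44, 1, 1)                        # 1 FAT sector; dir starts at 1
    struct.pack_into("<IIIII", hdr, 56, 4096, ENDOFCHAIN, 0, ENDOFCHAIN, 0)
    struct.pack_into("<109I", hdr, 76, 0, *([FREESECT] * 108))    # DIFAT: FAT is sector 0
    fat = struct.pack("<128I", FATSECT, ENDOFCHAIN, *([FREESECT] * 126))
    entries = [_dir_entry("Root Entry", 5, child=1), _dir_entry("WordDocument", 2)]
    if with_vba:                                   # tree links omitted; the scan is linear
        entries += [_dir_entry("Macros", 1), _dir_entry("_VBA_PROJECT", 2)]
    return bytes(hdr) + fat + b"".join(entries).ljust(512, b"\x00")

def build_sample_ooxml(with_vba):
    """Minimal OOXML-shaped zip; the VBA part is itself an OLE2 file, as in a real .docm."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_vba:
            zf.writestr("word/vbaProject.bin", build_sample_ole(True))
    return buf.getvalue()

def build_sample_message(filename, attachment):
    """Constructed test message with one base64 attachment (sample addresses are made up)."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "invoice"
    msg.set_content("please see the attached document")
    msg.add_attachment(attachment, maintype="application", subtype="octet-stream", filename=filename)
    return msg.as_bytes()
```

Because the decision keys on the container contents, a .docm renamed to .docx or .doc is still flagged, and a macro-free .docm passes; a plain extension block would get both cases wrong. Malformed or truncated containers return False here so that damaged but harmless attachments are not bounced; a stricter filter could treat an unparseable Office file as suspicious instead.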