Exim/ACL: How to whitelist users when rejecting emails with disallowed mime attachments

Question

Debian Squeeze/Exim 4.72: ACL

I have the more or less standard exim acl for rejecting emails based on mime attachments with some common compressed file extensions added in (.zip/.rar etc.)

  deny      set acl_m1      = ${extract{-1}{.}{${lc:$mime_filename}}}
            message         = This message contains a prohibited file extension ($acl_m1)
            log_message     = REJECTED ATTACHMENT ($acl_m1)
            condition       = ${if match{$acl_m1}\N^(ade|adp|bas|bat|chm|cmd|com|cpl|crt|eml|enc|exe|hlp|hta|inf|ins|isp|js|jse|mdb|lnk|mde|msc|msi|msp|mst|pcd|pif|rar|reg|scr|sct|shs|url|vbs|vbe|wsf|wsh|wsc|zip)$\N}{1}{0}}

Q: How would I use a "Whitelist" to allow specific users to receive emails containing attachments of a certain type (e.g. .zip)?

Thx

score 1 · Answer 1 · answered May 05 '16 at 19:46

I use this ACL:

 deny
   !senders = lsearch;/etc/exim4/local_sender_whitelist
   message = This message contains an attachment of a type which we do not accep
   demime  = bat:btm:cmd:com:cpl:dll:exe:lnk:msi:pif:prf:reg:scr:vbs:url:doc:docx:xls:xlsx

Where /etc/exim4/local_sender_whitelist contains one (and only one) email address per line. If you wanted some more clever white list, have a look at @@lsreach in the documentation.

Note that some clever spammer/phiser can work out that you are using whitelists and can spoof the sender of the emails.

Exim/ACL: How to whitelist users when rejecting emails with disallowed mime attachments

1 Answers1