Package: amavisd-new Version: 1:2.10.1-2~deb8u1 Severity: wishlist Tags: upstream
I'm used to filter mails which contain javascript or other kinds of directly executable scripts. This is simply done with some regex's in postfix body_checks. But since some time javascript-trojans will increasingly be send as base64 encoded html attachment, and in this case my approach to block them via simple textanalysis fails. With amavis I can quarantine javascript attachments (.js), I can quarantine zipped attachments containing .js files - but I can't see no way, how to quarantine attachments, which - after base64-decoding - contain script as pure text. If an attachment in it's very nature is a common text file, postfix seems to be the first place to do some regex filtering on it. But I guess, it's beyond postfix's scope to recognize and decode such attachments before regexing. So it would be great, if them could be filtered with either amavis or with an amavis plugin. -- System Information: Debian Release: 8.7 APT prefers stable APT policy: (700, 'stable'), (500, 'stable-updates'), (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
