Quote:
|
Originally Posted by sami.ma
I want to block the attachments on internet email sites (yahoo,hotmail etc) for my LAN users.
|
If you want to filter attachments from inbound email messages, take a look here:
impsec.org/email-tools/procmail-security.html
(LQ won't let me post proper URLs yet... feh.)
If you want to block people from downloading attachments from their webmail accounts, that's a little more difficult. Assuming you use squid as your proxy, you'd set up something like this...
Code:
# insert the following into /etc/squid/squid.conf in the acls/http_access section:
acl WEBMAIL dstdom_regex -i "/etc/squid/webmails"
acl EXECUTABLE urlpath_regex -i "/etc/squid/executables"
http_access deny WEBMAIL EXECUTABLE
Code:
$ cat /etc/squid/webmails
email\.cnn\.com
hotmail\.com
hotmail\.msn\.com
inbox\.excite\.com
email\.excite\.com
mail\.chek\.com
mail\.yahoo\.com
mailchek\.com
passport\.com
webmail\.netscape\.com
webmail[a-z]\.juno\.com
aolanywhere\.com
[^.]*mail[^.]*\.[^.]*\.(com|net)
I don't have a gmail account so I don't know what their message URLs look like.
Code:
$ cat /etc/squid/executables
\.asd$
\.asd\?.*$
\.bat$
\.bat\?.*$
\.chm$
\.chm\?.*$
\.com$
\.com\?.*$
\.dll$
\.dll\?.*$
\.exe$
\.exe\?.*$
\.hlp$
\.hlp\?.*$
\.hta$
\.hta\?.*$
\.lnk$
\.lnk\?.*$
\.ocx$
\.ocx\?.*$
\.pif$
\.pif\?.*$
\.reg$
\.reg\?.*$
\.scr$
\.scr\?.*$
\.shb$
\.shb\?.*$
\.shs$
\.shs\?.*$
\.vb$
\.vb\?.*$
\.vbe$
\.vbe\?.*$
\.vbs$
\.vbs\?.*$
\.wsc$
\.wsc\?.*$
\.wsf$
\.wsf\?.*$
\.wsh$
\.wsh\?.*$
Hope this helps!
--
John Hardin KA7OHZ
jhardin@impsec.org
http://www.impsec.org/~jhardin/
pgpk -a jhardin@impsec.org
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The first time I saw a bagpipe, I thought the player was torturing
an octopus. I was amazed they could scream so loudly.
