~control/signatures

From Qmail-LDAP Wiki

Jump to: navigation, search

This file contains content signatures for the REJECTEXEC functionality.

Default: 

none

Example: 

# block some windows executables, exe|com|pif|scr
TVqQAAMAA
# block MyDoom
UEsDBAoAAAAAA*****DKJx+eAFgAAABYAA**AAAA

Notes:

  • These signatures are matched for in the first line of mime attachments.
  • Be sure to make them as specific as possible to avoid to have a too broad filter and matching valid content.
  • The asterisk (*) is a single placeholder that will match any single character at that position.
  • The signature is litteraly matches and no decoding of mime attachments is being done.
  • Normally the signature contains the base64 encoded version of the string you want to match.
  • Lines starting with a hash sign (#) are ignored and can be used for comments.
  • The default file contains signatures of Windows executable files (exe|com|pif|scr, etc) and common email Virii at the time of the current release.
Retrieved from "http://www.qmail-ldap.org/wiki/index.php/%7Econtrol/signatures"
Personal tools