Mail Firewall

What Is It?

It's a solution for the problem of all of the nasty E-mail attachments people keep sending through your mail servers.

The mail admin defines what types of attachments are acceptable, and only those attachments will be allowed through. Other attachments will be removed, and the message recipient will get the acceptable parts of the E-mail, prefixed by a message describing what was removed, and why.

What Do I Need To Run My Own?

  1. Perl.
  2. Net::SMTP
  3. MIME::Parser
  4. A machine to run the mail firewall on.

How Do I Start

Download a release of mailfw, make sure your perl has all of the necessary modules.

Mail Server Configuration

My mail server of choice is Postfix, but it should be possible to use this with any mail server.

mailfw goes between the Internet and your primary internal mail server. You know more about your mail setup than I do, so you should be able to figure out how to make sure that all mail goes to a mail firewall first. My postfix configuration looks like this:

master.cf 
mailfw    unix  -       n       n       -       10      pipe
	flags=R user=nobody argv=/usr/local/sbin/mailfw $sender $recipient
main.cf 
mailbox_transport = mailfw

Given that configuration, all mail defined to be delivered locally should be firewalled.

mailfw Configuration

mailfw will also need to be configured. Edit the mailfw script, and look for the line that says $conf_file="mailfw.conf"; and change it to the path of your mailfw config file (mine is /usr/local/etc/mailfw.conf).

Next, make sure that your mailfw.conf is in that place, and is configured the way you want it. In particular, make sure that the mime_ok and ext_bad paths are absolute paths to the locations of the respective files. mime.ok contains patterns to be tested against the mime-types of incoming files (Warning: MS products tend to come in with a lot of different mime-types, so if you need them, you'll spend a bit trying to get them all in there), and ext.bad contains the extensions (a test against the end of the suggested filenames), for files that make it through the mime test.

Also note that the mailstore directive defines the location where all incoming messages will be archived before having attachments removed. You might want to make sure you have room for that, and that you clean it up periodically.

Where's The Project Page?

Here.
Copyright © 1997-2000 Dustin Sallings of SPY Internetworking