Score:1

What are my server-side options for scanning email attachments for words and phrases?

br flag

I currently run an email system with Postfix/Dovecot and I am looking for a way to scan the contents of attachments (mainly doc(x) and pdf) for certain words and bounce the email back to the user with a message in case something has been found. Amavis doesn't seem to work (no option to scan the body), rspamd doesn't scan inside of attachments. I guess I can always try and write my own milter but I'd like to know if there is something more ready-made and open source I could try and plug into my existing environment.

us flag
Good old SpamAssassin might cover this.
anx avatar
fr flag
anx
If you reduce your "must bounce" requirement for a softer "must be measurable", you can schedule a regular search on relevant mailboxes, e.g. Dovecot FTS has a `fts_decoder` setting to (execute *very dangerous* parsers on possibly malicious arbitrary input and to) make [attachment content available as text](https://github.com/dovecot/core/blob/release-2.2.21/src/plugins/fts/decode2text.sh) to the usual IMAP text search & utilities. For some goals, this will still outperform senders working around your filter by sending not-automatically-processable URLs whenever their attachments bounce.
Mark avatar
br flag
@glts Thanks for the pointer. I had another look at the documentation and found references to a plugin called "ExtractText". Documentation for SpamAssassin could use some improvement but I'll give it a shot over the course of next week!
Mark avatar
br flag
@anx Unfortunately, the bounce is a must have requirement. I am aware that I won't be able to scan all types of attachments under the sun but that is ok because it only needs to prevent the most common user accidents from happening.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.