So, I looked for ways to block .doc and .docx attachments, however blocking documents with macros seems the best solution. This doesn't block documents in .zip files, but that's ok because when a user opens a .zip file, the zip program places temporary copies on the drive where the user's antivirus can see them.
I created this directory and file:
nano /etc/e-smith/templates-custom/etc/clamd.conf/25OLE2BlockMacros
Then paste this into the file:
OLE2BlockMacros yes
Save and exit. Then activate:
signal-event post-upgrade
signal-event reboot
Big thanks to compdoc for this!
16 Replies
6115 Views