warn decode = default deny message = Blacklisted file extension detected ($mime_filename) condition = ${if !eq{$acl_c_esf_skip}{1}} condition = ${if match \ {${lc:$mime_filename}} \ {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com|\.vbs|\.cpl|\.jar)$\N} \ {1}{0}} deny message = zip file contains an attachment with a dangerous payload ($mime_filename). condition = ${if !eq{$acl_c_esf_skip}{1}} condition = ${if match \ {${lc:$mime_filename}} \ {\N(\.zip)$\N} \ {1}{0}} condition = ${run{/bin/sh -c '/etc/exim.easy_spam_fighter/exim_check_attachment.sh zip $message_exim_id $mime_decoded_filename'}{0}{1}} log_message = exim_check_attachment.sh: '$mime_filename' contains a dangerous payload.