Filtering on filename extensions

Q G Campbell Q.G.Campbell at NEWCASTLE.AC.UK
Tue Oct 23 16:41:09 IST 2001

> -----Original Message-----
> From: Q G Campbell [mailto:Q.G.Campbell at] 
> Sent: 23 October 2001 16:20
> Subject: Filtering on filename extensions
> This site has chosen to use the default 
> ~/etc/filename.rules.conf for our roll out of Mailscanner.
> One consequence of this decision is that attachments 
> containing files such as "proposal.rtf.doc" are now being 
> blocked with an "Attempt to hide real filename extension" 
> warning message.
> This occurs whether or not the .DOC attachment carried a 
> virus and was disinfected. I don't think it should have 
> blocked simply because of the filenames rules.
> In particular I would expect a message with a repeated file 
> extension to be delivered, provided it passed the virus scan 
> phase, _if_ the last extension was ".DOC".
> In the light of the above I would like to ask:
>  1. Is it "safe" to modify filename.rules.conf in the way I 
> have suggested?
>  2. If it is safe, what is the best way to modify the conf 
> file to achieve
>     delivery of .DOC files.

As an attempt to answer my own question I am going to try, taking the
excerpt from my modified filename.rules.conf file:

# Deny all other double file extensions....
deny   \.[a-z][a-z0-9]{2,3}\.[a-z0-9]{3}$
# but
allow  \.[a-z][a-z0-9]{2,3}\.doc$

# These 2 are well known...


More information about the MailScanner mailing list