Filtering on filename extensions
Q G Campbell
Q.G.Campbell at NEWCASTLE.AC.UK
Tue Oct 23 16:41:09 IST 2001
> -----Original Message-----
> From: Q G Campbell [mailto:Q.G.Campbell at newcastle.ac.uk]
> Sent: 23 October 2001 16:20
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Filtering on filename extensions
>
>
> This site has chosen to use the default
> ~/etc/filename.rules.conf for our roll out of Mailscanner.
>
> One consequence of this decision is that attachments
> containing files such as "proposal.rtf.doc" are now being
> blocked with an "Attempt to hide real filename extension"
> warning message.
>
> This occurs whether or not the .DOC attachment carried a
> virus and was disinfected. I don't think it should have
> blocked simply because of the filenames rules.
>
> In particular I would expect a message with a repeated file
> extension to be delivered, provided it passed the virus scan
> phase, _if_ the last extension was ".DOC".
>
> In the light of the above I would like to ask:
>
> 1. Is it "safe" to modify filename.rules.conf in the way I
> have suggested?
>
> 2. If it is safe, what is the best way to modify the conf
> file to achieve
> delivery of .DOC files.
As an attempt to answer my own question I am going to try, taking the
excerpt from my modified filename.rules.conf file:
...
# Deny all other double file extensions....
deny \.[a-z][a-z0-9]{2,3}\.[a-z0-9]{3}$
# but
allow \.[a-z][a-z0-9]{2,3}\.doc$
# These 2 are well known...
...
Quentin
More information about the MailScanner
mailing list