winmail.dat inspection for Sophos or McAfee

Denis Beauchemin Denis.Beauchemin at USHERBROOKE.CA
Thu Oct 17 19:10:29 IST 2002


Hi,

We block all potentially dangerous file types such as ".exe", ".pif",
".bat", ... but we couldn't enforce this rule in winmail.dat files
because McAfee (and Sophos) knows about these files and can scan them.

Well, if you tell MailScanner to "Expand TNEF = yes" you get this
feature back.  Thus people using Outlook's "rich text" feature won't be
able to slip through the cracks of your filename.rules.conf if you want
to block any file types.

Thought I'd share this goodie with everyone.

Denis
-- 
Denis Beauchemin, analyste
Université de Sherbrooke, S.T.I.
T: 819.821.8000x2252 F: 819.821.8045




More information about the MailScanner mailing list