Bug in filename rules handling?

[Remco Barendse]

This morning we have received a message with filename extension hiding.
The attachment is named ACN.DOC.xls.doc

Mar 10 17:38:12 linux MailScanner[17336]: New Batch: Scanning 1 messages, 38249 bytes
Mar 10 17:38:12 linux MailScanner[17336]: Virus and Content Scanning: Starting
Mar 10 17:38:12 linux MailScanner[17336]: Filename Checks: Found possible filename hiding (ACN.DOC.xls.doc)
Mar 10 17:38:12 linux MailScanner[17336]: Other Checks: Found 1 problems
Mar 10 17:38:12 linux MailScanner[17336]: Saved entire message to /var/spool/MailScanner/quarantine/20030310/h2AGcBSh018875
Mar 10 17:38:12 linux MailScanner[17336]: Cleaned: Delivered 1 cleaned messages

Although a notification was sent to postmaster that a virus had been
caught, and the message subject was correctly modified and there was a
notification inside the message to look inside VirusWarning.txt things
didn't work.

The attachment was let through 'as-is' without renaming or without
removing it. Furthermore there was no VirusWarning.txt attached to the
mail message although the body of the message referred to it. I have set
however that warnings should *not* be sent as an attachment so maybe this
is another bug?

Things worked fine with the 4.12 release, this was found on release
4.13-3

The message went through our Exchange server and because of a forward rule
the message was sent outside again. Again MailScanner reported the problem
but did not remove the attachment!


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.