ZIP file attachments passing through MS 4.35.9 unscanned
Adri Koppes
adrik at SALESMANAGER.NL
Tue Dec 21 12:14:00 GMT 2004
Recently I have noticed some people bypassing the contents scanning of Zip
file attachments.
When a message contains a .zip file attachment, renamed to .txt, MailScanner
does not seems to detect the presence of the zip file, despite the setting
of 'Find Archives By Content = yes' in the MailScanner.conf file.
Examing the message, the zip file is attached as follows:
Content-Type: text/plain; name="test.txt"; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Content-Disposition: inline; filename="test.txt"
PK\003\004
Has anyone else noticed this problem? It is real easy to pass executables
and other mallicious content.
Regards,
Adri Koppes
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list