ZIP file attachments passing through MS 4.35.9 unscanned
Mike
michael at NOMENNESCIO.NET
Tue Dec 21 12:38:05 GMT 2004
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
> Behalf Of Adri Koppes
>
> Recently I have noticed some people bypassing the contents scanning of
Zip
> file attachments.
> When a message contains a .zip file attachment, renamed to .txt,
> MailScanner does not seems to detect the presence of the zip file,
despite > the setting of 'Find Archives By Content = yes' in the
MailScanner.conf > file. Examing the message, the zip file is attached
as follows:
>
> Has anyone else noticed this problem? It is real easy to pass
executables
> and other mallicious content.
Use this option in MailScanner.conf: "File Command = /usr/bin/file".
> Regards,
>
> Adri Koppes
Mike.
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list