ZIP file attachments passing through MS 4.35.9 unscanned
Julian Field
mailscanner at ecs.soton.ac.uk
Tue Dec 21 14:08:34 GMT 2004
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Please try the attached patch to Message.pm.
Adri Koppes wrote:
>>-----Original Message-----
>>From: Mike [mailto:michael at NOMENNESCIO.NET]
>>Sent: 21 December, 2004 13:38
>>To: MAILSCANNER at JISCMAIL.AC.UK
>>Subject: Re: ZIP file attachments passing through MS 4.35.9 unscanned
>>
>>
>>
>>
>>>From: MailScanner mailing list
>>>
>>>
>>[mailto:MAILSCANNER at JISCMAIL.AC.UK] On
>>
>>
>>>Behalf Of Adri Koppes
>>>
>>>Recently I have noticed some people bypassing the contents
>>>
>>>
>>scanning of
>>Zip
>>
>>
>>>file attachments.
>>>When a message contains a .zip file attachment, renamed to .txt,
>>>MailScanner does not seems to detect the presence of the zip file,
>>>
>>>
>>despite > the setting of 'Find Archives By Content = yes' in the
>>MailScanner.conf > file. Examing the message, the zip file
>>is attached
>>as follows:
>>
>>
>>>Has anyone else noticed this problem? It is real easy to pass
>>>
>>>
>>executables
>>
>>
>>>and other mallicious content.
>>>
>>>
>>Use this option in MailScanner.conf: "File Command = /usr/bin/file".
>>
>>
>
>I already have that set and verified it's working. For instance MPEG's and
>AVI's are blocked regardless of the attached filename.
>
>Adri
>
>
--
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
[ Part 2, Application/X-GZIP 512bytes. ]
[ Unable to print this part. ]
More information about the MailScanner
mailing list