problems with "very long filename" rule?

Peter Bonivart peter at UCGBOOK.COM
Wed Dec 22 20:31:39 GMT 2004


Dan Hollis wrote:
> Why is this rule tripping?
> filename.rules.conf:deny        .{150,}                 Very long filename, possible OE attack                  Very long filenames are good signs of attacks against Microsoft e-mail packages
>
> Our users are getting reports like this:
> Report: Very long filenames are good signs of attacks against Microsoft e-mail packages (Inbox%3Fnumber=5.jpg)
>
> Surely it shouldn't be tripping on that file? It's not a long filename.

That's the sanitized version of the name. Look in the quarantine for the
real name.

--
/Peter Bonivart

--Unix lovers do it in the Sun
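
An added illustration (not part of the original post, and not MailScanner's own code): a small Python evaluator for the rule quoted above, assuming the rule line is four tab-separated fields (action, pattern, log text, user report text) and that the first matching rule wins. It shows that the 20-character name in the report cannot satisfy `.{150,}`, so the rule must have matched a different, longer original name; `LONG_NAME` is a constructed stand-in for that original.

```python
import re

# The rule quoted in the thread. Assumption: fields are tab-separated as
# action, pattern, log text, user report text.
RULES_TEXT = (
    "deny\t.{150,}\tVery long filename, possible OE attack\t"
    "Very long filenames are good signs of attacks against "
    "Microsoft e-mail packages\n"
)

REPORTED_NAME = "Inbox%3Fnumber=5.jpg"   # name shown in the user report
LONG_NAME = "a" * 160 + ".jpg"           # constructed sample, not from the thread


def parse_rules(text):
    """Parse rule lines into (action, compiled_regex, log_text, report_text)."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = re.split(r"\t+", line)
        if len(fields) < 4:
            raise ValueError("expected 4 tab-separated fields: %r" % line)
        action, pattern, log_text, report_text = fields[:4]
        rules.append((action.lower(), re.compile(pattern), log_text, report_text))
    return rules


def check_filename(rules, filename):
    """Return (action, report_text) of the first matching rule, else ('allow', None)."""
    for action, regex, _log_text, report_text in rules:
        if regex.search(filename):
            return action, report_text
    return "allow", None


def triage(rules, reported_name, original_name):
    """Say which of the two names could have tripped a deny rule."""
    reported = check_filename(rules, reported_name)[0]
    original = check_filename(rules, original_name)[0]
    if reported != "deny" and original == "deny":
        return "rule matched the original name, not the name shown in the report"
    if reported == "deny":
        return "rule matches the reported name itself"
    return "neither name matches; look at other rules"


if __name__ == "__main__":
    print(triage(parse_rules(RULES_TEXT), REPORTED_NAME, LONG_NAME))
```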
