I need to tweak filename rules
Mike Kercher
mike at CAMAROSS.NET
Tue Jan 27 06:00:30 GMT 2004
I *think* that's a different match. I'm not good with regexp :)
I rely on my virus scanners to catch infected files and this is why I run
sophossavi AND clamavmodule.
Mike
> -----Original Message-----
> From: MailScanner mailing list
> [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Chris Yuzik
> Sent: Monday, January 26, 2004 11:33 PM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: I need to tweak filename rules
>
> Mike Kercher wrote:
>
> >Look at the very last rule in /etc/MailScanner/filename.rules.conf
> >
> ># Deny all other double file extensions. This catches any
> hidden filenames.
> >allow \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$ Found
> possible filename
> >hiding
> >
> >Note: I have changed mine to ALLOW these and not deny them.
> Make sure
> >you reload MailScanner after altering this file.
> >
> >
> Mike,
>
> OK, that should be interesting.
>
> But what about this, which is commented in the top few lines
> of the file?
>
> # Due to a bug in Outlook Express, you can make the 2nd from
> last extension # be what is used to run the file.
>
> So, would that mean that OE might actually run
> "somebadfile.exe.doc" as an exe? If that's the case, then
> perhaps overriding the rule isn't a good idea.
>
> Any thoughts?
>
> Cheers,
> Chris
>
More information about the MailScanner
mailing list