ANNOUNCE: Unstable 4.28.3 released
Richard Lynch
rich at MAIL.WVNET.EDU
Thu Mar 4 01:35:41 GMT 2004
Julian Field wrote:
> At 13:49 03/03/2004, you wrote:
>
>> Julian Field wrote:
>>
>>> Download as usual from www.mailscanner.info.
>>>
>>> Please report any problems!
>>
>>
>> Ok, something is still no right. I have...
>>
>> Allow Password-Protected Archives = no
>>
>> and
>>
>> Maximum Archive Depth = 0 (I also tried -1)
>>
>> When Maximum Archive Depth is set to -1 or 0 it will deliver a password
>> protected zip file even though I have Allow Password-Protected Archives
>> set to "no". If I have Maximum Archive Depth set to 3 then the
>> protected zip is not delivered as expected but internal zip checking is
>> done which is what I want to disable. I hope I'm not misinterpreting
>> how this should work.
>
>
> You can't currently check the contents of the zip files without unpacking
> them. Unpacking them causes the other checks to be run on their members.
>
> So now I have changed it:
> setting the options as you have given it above will now just test the
> first
> level of zip files to see if their members are encrypted at all. It won't
> actually extract them. Because it doesn't extract them it can't do any
> more
> levels of nesting.
>
> BTW "All-Viruses" now includes "Zip-Password" in the silent viruses
> list.
>
I tested it this afternoon and moved it into production a little while
ago. Everything is working great. Regular zip files are allowed again
and the password protected zips are now banned. The complaints have
stopped... life is good.
You did it again Julian. Your contributions are outstanding. K-12,
Higher-Ed, and state government in WVa all get enormous benefit from
what you do. Thank you.
--
Richard E. Lynch <rich at mail.wvnet.edu>
Systems Programming Manager
West Virginia Network (WVNET)
837 Chestnut Ridge Road
Morgantown, WV 26505
(304) 293-5192 x243
More information about the MailScanner
mailing list