Exes within Zips

[Julian Field]

At 13:55 10/03/2004, you wrote:
> >-----Original Message-----
> >From: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK]
> >Sent: 10 March 2004 13:35
> >To: MAILSCANNER at JISCMAIL.AC.UK
> >Subject: Re: Exes within Zips
> >
>[snip]
> >>How can I now
> >>
> >>1. allow non-password-protected zip archives through
> >>AND
> >>2. allow them to carry .exe and other executable files
> >>AND
> >>3. have them scanned for viruses
> >>AND
> >>4. and block password-protected zip files?
> >
> >Set
> >
> >Allow Password-Protected Archives = no
> >Maximum Archive Depth = 0
> >
> >Sorry, that should have been in MailScanner.conf. I must have lost an
> >update somewhere along the line.
> >--
> >Julian Field
>
>Julian
>
>Thanks for that prompt reponse. Your 4-28-6.1 MailScanner.conf file does
>not say how to achieve the above combination of effects but is does add
>a line preceding the "Maximum Archive Depth = 3" line that says "To
>disable this feature set this to 0".
>
>However I have little experience with zip archives so it is not clear to
>me what the consequences are (good and bad) of setting this option to 0.

The contents of zip files will still be scanned for viruses, but the
filename and filetype rules will have no effect on the files stored in the
zip. So people can still mail around executables and so on by putting them
in a normal zip file.

>However I have found out via the school of hard knocks what leaving it
>at 3 does!

I have added this to the comment for the "Maximum Archive Depth" setting:

# A common useful setting is this option = 0, and Allow Password-Protected
# Archives = no. That block password-protected archives but does not do
# any filename/filetype checks on the files within the archive.

--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654