Questions...
Spicer, Kevin
Kevin.Spicer at BMRB.CO.UK
Wed Mar 24 16:42:16 GMT 2004
John Wilcock wrote:
> On Wed, 24 Mar 2004 16:14:57 -0000, Spicer, Kevin wrote:
>> Advise your client to change the extension of the zip
> files. It only unpacks zips based on extension.
>
> Is this a good thing? It means that I could get an exe (or whatever)
> file past MailScanner by zipping it and renaming to, say, .zipp.
> Social engineering does the rest.
>
> Julian, how about (optionally?) unpacking anything that the file
> command thinks is an archive?
Not wishing to steal Julian's thunder but I think you'll find the problem is that the zip file unpacking has to take place before the file command is run (in order for the file command to scan the unpacked files) therefore this isn't as simple as it sounds
BMRB International
http://www.bmrb.co.uk
+44 (0)20 8566 5000
_________________________________________________________________
This message (and any attachment) is intended only for the
recipient and may contain confidential and/or privileged
material. If you have received this in error, please contact the
sender and delete this message immediately. Disclosure, copying
or other action taken in respect of this email or in
reliance on it is prohibited. BMRB International Limited
accepts no liability in relation to any personal emails, or
content of any email which does not directly relate to our
business.
More information about the MailScanner
mailing list