Bad Content Checks

Kai Schaetzl maillists at conactive.com
Sun Apr 2 23:31:18 IST 2006


I found a file like this getting quarantined as "bad content". (Ahm, what 
actually happens then - the message is delivered without the attachment, 
or what happens?)

042-06-Logos.ly01.pdf

This is the rule that hit on it. I don't see the value of this rule.

# Deny all other double file extensions. This catches any hidden filenames.
deny    \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$   Found possible filename hiding              Attempt to hide real filename extension

What is the point of disallowing whatever.whatever.pdf? Why is this trying 
to hide the real filename extension? Maybe that (whatever.bat.pdf) is 
doing this, but it's much less troublesome than (whatever.pdf.bat).

Can I rule this over with

allow   \.pdf$

?
If so, I suggest adding quite a few of these exclusions.

Moreover. How can I release that file? I released it and it was 
immediately caught again although 127.0.0.1 is whitelisted and Mailwatch 
lists a Status of "W/L Bad Content" now.



Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
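
The rule and the proposed override from the message above, run against the filenames it mentions, as an added example that is not part of the original message or of MailScanner's own code. It assumes rules are applied top to bottom with the first match deciding, and that matching is case-insensitive; `evaluate`, `report` and the sample list are hypothetical names.

```python
import re

# (action, regex, log text). The deny rule is the one quoted in the message;
# the allow rule is the override the message proposes.
DENY_DOUBLE_EXT = ("deny", r"\.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$",
                   "Found possible filename hiding")
ALLOW_PDF = ("allow", r"\.pdf$", "-")

SAMPLES = [
    "042-06-Logos.ly01.pdf",  # quarantined file named in the message
    "whatever.bat.pdf",       # named in the message
    "whatever.pdf.bat",       # named in the message
    "report.pdf",             # constructed: single extension only
]


def evaluate(filename, rules):
    """Return (action, log_text, matched_text) for the first matching rule.

    Assumption: first match wins and matching ignores case.
    Returns None when no rule in the list matches.
    """
    for action, pattern, log_text in rules:
        m = re.search(pattern, filename, re.IGNORECASE)
        if m:
            return action, log_text, m.group(0)
    return None


def report(rules, filenames=SAMPLES):
    """Evaluate every filename against one ordered rule list."""
    return {name: evaluate(name, rules) for name in filenames}


if __name__ == "__main__":
    rule_sets = (
        ("deny rule only", [DENY_DOUBLE_EXT]),
        ("allow \\.pdf$ placed first", [ALLOW_PDF, DENY_DOUBLE_EXT]),
    )
    for label, rules in rule_sets:
        print(label)
        for name, result in report(rules).items():
            print(f"  {name:24} -> {result}")
```

The deny rule hits the quarantined file because `.ly01` fits `\.[a-z][a-z0-9]{2,3}`. Under the stated assumptions, an earlier `allow \.pdf$` lets through every name ending in `.pdf`, including `whatever.bat.pdf`, while `whatever.pdf.bat` is still denied.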
