Filetypes and filenames not being checked

DAve dave.list at pixelhammer.com
Wed Jul 26 20:51:53 IST 2006 

DAve wrote:
> DAve wrote:
>> Good morning,
>>
>> I have just had a user bring to my attention that since I upgraded to 
>> 4.54.x we are no longer stopping filenames with double suffixes or 
>> banned suffixes.
>>
>> I tried a test and sure enough two files went right through, 
>> test.svx.doc and test.scr. I double checked my conf files and 
>> everything looks good, mailscanner --lint shows no errors.
>>
>> I haven't changed anything in the conf file except to add MailWatch. I 
>> went through the change log and docs and didn't see anything that I 
>> thought would affect me.
>>
>> Has there been a change in how the filename.rules.conf files work?
>>
>> Thanks,
>>
>> DAve
>>
> 
> Hmm, double checked the filename.rules.conf and filetype.rules.conf and 
> they looked fine (yes, tabs not spaces).
> 
> Just on a whim I changed the MailScanner.conf to
> Filename Rules = %rules-dir%/user.filename.rules
> #Filename Rules = %etc-dir%/filename.rules.conf
> 
> Then created %rules-dir%/user.filename.rules as
> # Default, disallow for all others
> To:     default         /usr/local/etc/MailScanner/filename.deny.rules.conf
> From:   default         /usr/local/etc/MailScanner/filename.deny.rules.conf
> 
> And filename.deny.rules.conf is a copy of a fresh filename.rules.conf 
> from the install source.
> 
> Still test.svx.doc gets through as does test.scr. mailscanner --lint 
> still shows no issues.
> 
> I tried to run in debug mode but I got no unusual output. So I stopped 
> MailScanner and called with the debug switch with no change. Is there a 
> way to run in debug and output to the terminal?
> 
> DAve
> 

Well, I've tried using full paths in the Filename Rules = ,
Filename Rules = /usr/local/etc/MailScanner/rules/user.filename.rules

I've tried adding a file suffix to Deny Filenames =
Deny Filenames = \.scr$ \.com$ \.pif$ \.exe$ \.cab$ \.ico$

Nothing works, test.scr just flies right through. I'm pretty much left 
with reinstall on all my servers unless I can find a way to see what is 
happening.

DAve

-- 
Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for
Veterans?

Maybe they forgot who made that choice possible.

More information about the MailScanner mailing list