Attachments

[Scott Silva]

Martin Hepworth spake the following on 9/14/2006 1:24 AM:
> Colin Jack wrote:
>> Hmmm ... it looks like MailScanner is refusing the attachments because
>> the .zip file contains unacceptable files ... e.g. .exe and .chm
>>
>> This seems a little over the zealous. We usually suggest to clients
>> mailing .exe files (install files for example) to .zip them up to get
>> through filters!!
>>
>> What is the best way to deal with this? Can I tell MailScanner not to
>> look inside .zip files
>>
>> Thanks
>>
>> Colin
>>> -----Original Message-----
>>> From: mailscanner-bounces at lists.mailscanner.info
>>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of
>>> Denis Beauchemin
>>> Sent: 13 September 2006 16:06
>>> To: MailScanner discussion
>>> Subject: Re: Attachments
>>>
>>> Colin Jack a écrit :
>>>> Hope one of you MailScanner gurus can help!
>>>>
>>>> We are having clients complaining that some messages with 
>>> attachments
>>>> aren't arriving ...
>>>>
>>>> example (which I have replicated):
>>>>
>>>> This morning I sent a message to a particular client who is having
>>>> problems.
>>>> Attachment is a .zip of 2Mb
>>>> Our MTA (Exchange) says it has been delivered successfully The
>>>> receiving server maillog has no entries at all as far as I 
>>> can see I
>>>> receive no bounce (yet) ..
>>>>
>>>> I have checked the filename.rules.conf and filetype.rules.conf and
>>>> they allow .zip files
>>>>
>>>> If I put the following entry at the top of the 
>>> filetype.rules.conf and
>>>> filename.rules.conf
>>>>
>>>> allow    .    -    -
>>>>
>>>> then all works fine.
>>>>
>>>> I would like some filtering of files but cannot afford to have
>>>> apparently innocuous files causing mail to evaporate ;)
>>>>
>>>> Thanks
>>>>
>>>> Colin
>>>>
>>>>   
>>> Colin,
>>>
>>> The explanation is probably in you maillog file.  Sendmail (or
>>> whichever MTA you use) should log every connection it receives and
>>> log things like envelope sender, time of day and message ID.  Then
>>> grepping that message ID should tell you what happened to your mail.
>>>
>>> Also you should put MS in verbose mode or run it in debug mode to get
>>> the full details about what is happening.
>>>
>>> Verbose mode (MailScanner.conf):
>>> Log Spam = yes
>>> Log Silent Viruses = yes
>>> Log Dangerous HTML Tags = yes
>>>
>>> Denis
>>>
> 
> Colin
> be aware of quite a few viruses hiding inside zip files.. hence this
> functionality.
> 
> If you don't scan inside zip files you are opening a known threat. Treat
> this risk accordingly..
The maximum archive depth setting doesn't stop the virus scanners from looking
in archive files, it just stops the filename and filetype rules from looking.


-- 

MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!