Attachments

[Scott Silva]

Colin Jack spake the following on 9/14/2006 10:06 AM:
>  
> 
>> -----Original Message-----
>> From: mailscanner-bounces at lists.mailscanner.info 
>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf 
>> Of Ken Goods
>> Sent: Thursday, September 14, 2006 4:48 PM
>> To: 'MailScanner discussion'
>> Subject: RE: Attachments
>>
>>>> Colin Jack wrote:
>>>>> Hmmm ... it looks like MailScanner is refusing the attachments 
>>>>> because the .zip file contains unacceptable files ... 
>> e.g. .exe and 
>>>>> .chm
>>>>>
>>>>> This seems a little over the zealous. We usually suggest 
>> to clients 
>>>>> mailing .exe files (install files for example) to .zip them up to 
>>>>> get through filters!!
>>>>>
>>>>> What is the best way to deal with this? Can I tell 
>> MailScanner not 
>>>>> to look inside .zip files
>>>>>
>>>>> Thanks
>>>>>
>>>>> Colin
>> Colin,
>>
>> Just thought I'd add my 2 cents....
>> What I have done here is to instruct my users to rename any 
>> executables to .txt then instruct their recipient to rename 
>> the attachment back to .exe once they have received it. 
>>
>> This does three things... first, it gets my (very technically 
>> illiterate) users to be aware of file extensions to begin 
>> with and to know what I'm talking about when I say this one 
>> or that one is potentially dangerous. (it also helps them get 
>> used to renaming files) Second, since the file has come from 
>> somebody they know (I instruct them to pre-contact the 
>> recipient so they are expecting an executable) and has 
>> instructions on how to make the file back into an executable, 
>> it makes them more aware of the way viruses are propagated 
>> via email and there is less chance that someone will 
>> inadvertently open a virus (of course I run two virus 
>> scanners to this is a slim chance anyway). And third, and I 
>> guess most importantly, it gets the file through any filetype 
>> checking based on the extension. (Outlook, OE...
>> etc..) Besides, anti-virus software will still catch viruses 
>> regardless of the file extension.
>>
>> One can argue that zipping them up is a better way to handle 
>> it but in my experience with *my* users, I have found it's 
>> easier for them to simply rename the file on both ends. This 
>> has been working very well here for the last couple years... YMMV
>>
>> This was a solution I didn't see mentioned so I thought I'd 
>> throw it into the mix.
>>
>> Kind regards,
>> Ken Goods
>> Network Administrator
>> AIA/CropUSA Insurance, Inc.
>>
> 
> Thanks Ken - yeah we already do that (well we say remove the last letter
> and replace it with an underscore, but same principal). The zip problem
> arises where support staff email patches etc. with things like
> update.exe, dodgy.dll etc. inside a zip.
> http://www.mainline.co.uk/spam_error.html
> 
> Just out of interest ... the default setting for Archive Depth seems to
> be '2' and '0' turns it off ... so what does '1' do? ;)
> 
> Colin
> 
I think archive depth is the level of directories recursed.
So if your zip has a directory 6 levels deep, setting at 1 would only look at
the root, 2 would look down at the 1st level below the root and so on.
So setting at 2 would let a file below this level pass through.

-- 

MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!