Blocked Extensions in password-protected zip archives
ssilva at sgvwater.com
Tue Aug 14 19:58:36 IST 2007
Sattler, Tim spake the following on 8/14/2007 4:58 AM:
> I have set "Allow Password-Protected Archives = yes", but encrypted
> archives are nevertheless blocked if they contain files with blocked
> Now I could set "Maximum Archive Depth = 0" to solve this issue, but
> then files with blocked extensions would also pass in non-protected
> archives, which is not what I want.
> Therefore, I would either need an option to disregard blocked
> extensions within password-protected archives or the possibility to
> use a ruleset for "Maximum Archive Depth" with a different result for
> protected and non-protected archives.
> PS: I know it's an additional risk to let password-protected archives
> pass through, but it's a business need.
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kai Schaetzl
> Sent: Tuesday, August 14, 2007 12:32 PM
> To: mailscanner at lists.mailscanner.info
> Subject: Re: Blocked Extensions in password-protected zip archives
> Tim Sattler wrote on Tue, 14 Aug 2007 09:49:24 +0200:
>> Is it possible? Or is there another way how I can achieve a different
>> handling of blocked extensions for password-protected on one hand and
>> normal zip archives on the other?
> Are you sure this is a matter of "blocked extensions"? I rather think this
> is a matter of "password-protected archive". MailScanner treats
> password-protected archives as viruses. It would need to stop that. This
> topic has come up regularly in the past, but Julian is reluctant to do
> this. The effect of handling it as a virus is that it doesn't get saved to
> the quarantine (if you keep it "clean") and thus can't be released.
> If you want to have all password-protected archives just pass thru
> directly in the inboxes then set
> Allow Password-Protected Archives = yes
> but this will also allow password-protected archives with malware right in
> the inbox.
Why not use a ruleset on both allow password protected archives and maximum
archive depth. A PITA to maintain, but more secure.
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
More information about the MailScanner