Not blocking executables

Glenn Steen glenn.steen at gmail.com
Mon Jan 29 16:15:09 CET 2007


On 29/01/07, rob <rob at robhq.com> wrote:
> My MailScanner is allowing .exe files to be sent to users.
>
> I have this in my filetype.rules.conf
>
> allow   text            -                       -
> allow   \bscript        -                       -
> allow   archive         -                       -
> allow   postscript      -                       -
> deny    self-extract    No self-extracting archives     No self-extracting archives allowed
> deny    executable      No executables          No programs allowed
> deny    ELF             No executables          No programs allowed
> deny    Registry        No Windows Registry entries     No Windows Registry files allowed
>
> I tried adding
>
> deny    .exe$           No exe files            No exe files
>
> But a test .exe still came in.  I have a feeling I am doing something stupid.  Maybe the
> lack of caffeine this monday morning.
That is _filetype_, not _filename_ rules. They are subject to your
file commands quirks, so many simply never turn it on... You have both
filename and filetype rules, and another "simplified" system for both
to consider... What do you have for
File Command
Allow Filetypes
Deny Filetypes
Filetype Rules
Allow Filenames
Deny Filenames
Filename Rules

And then we haven't looked at other things that might come into play
(UU-encoding, or other archive... and the depth you look at).
Lets start there.

Cheers
-- 
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se


More information about the MailScanner mailing list