Not blocking executables
rob
rob at robhq.com
Mon Jan 29 16:46:50 CET 2007
On Mon, 29 Jan 2007 16:15:09 +0100, Glenn Steen wrote
> On 29/01/07, rob <rob at robhq.com> wrote:
> > My MailScanner is allowing .exe files to be sent to users.
> >
> > I have this in my filetype.rules.conf
> >
> > allow text - -
> > allow \bscript - -
> > allow archive - -
> > allow postscript - -
> > deny self-extract No self-extracting archives No self-extracting archives
allowed
> > deny executable No executables No programs allowed
> > deny ELF No executables No programs allowed
> > deny Registry No Windows Registry entries No Windows Registry files
allowed
> >
> > I tried adding
> >
> > deny .exe$ No exe files No exe files
> >
> > But a test .exe still came in. I have a feeling I am doing something stupid. Maybe the
> > lack of caffeine this monday morning.
> That is _filetype_, not _filename_ rules. They are subject to your
> file commands quirks, so many simply never turn it on... You have both
> filename and filetype rules, and another "simplified" system for both
> to consider... What do you have for
> File Command
> Allow Filetypes
> Deny Filetypes
> Filetype Rules
> Allow Filenames
> Deny Filenames
> Filename Rules
>
> And then we haven't looked at other things that might come into play
> (UU-encoding, or other archive... and the depth you look at).
> Lets start there.
>
> Cheers
> --
> -- Glenn
> email: glenn < dot > steen < at > gmail < dot > com
> work: glenn < dot > steen < at > ap1 < dot > se
>From /etc/MailScanner/MailScanner.conf
File Command = /usr/bin/file
Allow Filenames =
Deny Filenames =
Filename Rules = %etc-dir%/filename.rules.conf
Allow Filetypes =
Deny Filetypes =
Filetype Rules = %etc-dir%/filetype.rules.conf
More information about the MailScanner
mailing list