Can't block wmv files

Jason Ede J.Ede at birchenallhowden.co.uk
Wed Nov 28 15:07:46 GMT 2007 

Umm... Is the file being sent by Outlook/exchange? If so then it could be in a winmail.dat attachment rather than as a .wmv file. If so its probably worth using the tnef expander to expand it out although I'm not sure if thats done before or after the filetype checking...

Jason

________________________________
From: mailscanner-bounces at lists.mailscanner.info [mailscanner-bounces at lists.mailscanner.info] On Behalf Of Michael Mansour [micoots at yahoo.com]
Sent: 28 November 2007 14:59
To: MailScanner discussion
Subject: Re: Can't block wmv files

Hi Julian,

Julian Field <MailScanner at ecs.soton.ac.uk> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



shuttlebox wrote:
> On Nov 27, 2007 3:08 PM, Michael Mansour wrote:
>
>> %etc-dir%/example.com.filename.rules:
>>
>> and %etc-dir%/example.com.filetype.rules:
>>
>
> Those filenames don't match what you have in your rulesets, note the
> missing .conf at the end:
>
>
>> FromOrTo: *@example.com
>> /etc/MailScanner/example.com.filename.rules.conf
>> FromOrTo: default /etc/MailScanner/filename.rules.conf
>>
>> FromOrTo: *@example.com
>> /etc/MailScanner/example.com.filetype.rules.conf
>> FromOrTo: default /etc/MailScanner/filetype.rules.conf
>>
>
> Also, you do have tabs as whitespace in both files and no strange
> end-of-lines, common if you edit the files in Windows?
>
The only places you need tabs instead of spaces are in the
example.com.filetype/name.rules.conf and filetype/name.rules.conf files.
You can use any whitespace in *.rules files.
I'm using:

mailscanner-4.65.3-1.noarch

I've spent the last 5 hours trouble-shooting this problem (in addition to the 2 hours I spent last night) and I believe MS is broken with this filename/filetype blocking now.

What I did was globally set the /etc/MailScanner/filename.rules.conf and /etc/MailScanner/filetype.conf to deny (I also did deny+delete) all movie files and tested for the swf extension too.

Movie files were still let through even when this was a global setting.

I then tried simply attaching something I knew 100% would fail, a web link (.lnk file), and it passed through fine.

What sort of thing / setting in MS would allow this to happen? ie. allowing anything through?

Thanks.

Michael.


________________________________
Make the switch to the world's best email. Get the new Yahoo!7 Mail now<http://au.rd.yahoo.com/mail/taglines/default_all/mail/spankey/*http://au.yahoo.com/worldsbestmail/spankey/>.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20071128/f9ed22f8/attachment-0001.html

More information about the MailScanner mailing list