Message body lost when zip file quarantined

Julian Field jkf at ecs.soton.ac.uk
Sun Aug 24 16:44:01 IST 2008


You shouldn't have left it that long! :-)
Send them to me again, and I'll try to look at them this time. Sorry :-)

--  
Jules

On 23 Aug 2008, at 19:46, Mark Sapiro <mark at msapiro.net> wrote:

> On July 3, 2008, Julian Field wrote:
>>
>>
>> Mark Sapiro wrote:
>>> Julian Field wrote:
>>>
>>>> Mark Sapiro wrote:
>>>>
>>>>>> MailScanner is scanning a message with an attached .zip archive which
>>>>>> contains a number of .bat and .bat.bak files, other files and even
>>>>>> another zip archive which contains a single .bat file.
>>>>>>
>>>>>> MailScanner detects all the .bat and .bat.bak files in the zip files,
>>>>>> sends a notice appropriately, and delivers the message with the
>>>>>> attachment removed. All well and good. The problems are:
>>>>>>
>>>>>> 1) not only the original .zip is quarantined, but so also are the
>>>>>> individual .bat, .bat.bak and .zip files extracted from the original
>>>>>> .zip (other files in the .zip with OK names are not). This is not a
>>>>>> major issue, but makes looking in the quarantine difficult as one
>>>>>> doesn't know what files were separately attached and what files were
>>>>>> just in the .zip.
>>>>>>
>>>>>> 2) The more serious issue is the original message body is also removed
>>>>>> from the delivered message, and it is not stored anywhere.
>>>>>>
>>>>> So, is there some misconfiguration on my part that is causing the
>>>>> loss of the message body, or is this and the redundant files in
>>>>> quarantine the expected behavior?
>>>>>
>>>>>
>>>> Number 2 is the one that interests me. Please can you send me a
>>>> concrete example, preferably lifted straight out of a sendmail queue.
>>>>
>>>
>>>
>>> I use Postfix, not sendmail.
>>>
>>> Here's what I have:
>>>
>>> - The Postfix queue entry.
>>> - The raw message received via bcc without passing through MailScanner
>>> - The {Filename?} message delivered to the recipient after MailScanner
>>> - The notice sent as a result of 'Send Notices = yes'
>>>
>>> Which of these would you like (and may I send it/them off list)?
>>>
>> All of the above please. Send them zipped up to
>> mailscanner at ecs.soton.ac.uk.
>
>
> The files were sent on July 3 as requested. Has there been anything
> discovered or done about this?
>
> -- 
> Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
