Message body lost when zip file quarantined
Julian Field
MailScanner at ecs.soton.ac.uk
Tue Aug 26 09:46:53 IST 2008
Just as a note for the list archive. I cannot reproduce the problem, it
works okay for me and does not throw away the message body.
Mark Sapiro wrote:
> On Sun, Aug 24, 2008 at 04:44:01PM +0100, Julian Field wrote:
>
>> You shouldn't have left it that long! :-)
>> Send them to me again, and I'll try to look at them this time. Sorry :-)
>>
>> --
>> Jules
>>
>
>
> OK. I've resent them. Thanks.
>
> /Mark
>
>
>
>> On 23 Aug 2008, at 19:46, Mark Sapiro <mark at msapiro.net> wrote:
>>
>>
>>> On July 3, 2008, Julian Field wrote:
>>>
>>>> Mark Sapiro wrote:
>>>>
>>>>> Julian Field wrote:>
>>>>>
>>>>>
>>>>>> Mark Sapiro wrote:
>>>>>>
>>>>>>
>>>>>>>> MailScanner is scanning a message with an attached .zip archive
>>>>>>>> which
>>>>>>>> contains a number of .bat and .bat.bak files, other files and
>>>>>>>> even
>>>>>>>> another zip archive which contains a single .bat file.
>>>>>>>>
>>>>>>>> Mailscanner detects all the .bat and .bat.bak files in the zip
>>>>>>>> files,
>>>>>>>> sends a notice appropriately, and delivers the message with the
>>>>>>>> attachment removed. All well and good. The problems are:
>>>>>>>>
>>>>>>>> 1) not only the original .zip is quarantined, but so also are the
>>>>>>>> individual .bat, .bat.bak and .zip files extracted from the
>>>>>>>> original
>>>>>>>> .zip (other files in the .zip with OK names are not). This is
>>>>>>>> not a
>>>>>>>> major issue, but makes looking in the quarantine difficult as one
>>>>>>>> doesn't know what files were separately attached and what files
>>>>>>>> were
>>>>>>>> just in the .zip.
>>>>>>>>
>>>>>>>> 2) The more serious issue is the original message body is also
>>>>>>>> removed
>>>>>>>>
>>>>>>> >from the delivered message, and it is not stored anywhere.
>>>>>>>
>>>>>>> So, is there some misconfiguration on my part that is causing the
>>>>>>> loss of the message body, or is this and the redundant files in
>>>>>>> quarantine the expected behavior?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> Number 2 is the one that interests me. Please can you send me a
>>>>>> concrete example, preferably lifted straight out of a sendmail
>>>>>> queue.
>>>>>>
>>>>>>
>>>>> I use Postfix, not sendmail.
>>>>>
>>>>> Here's what I have:
>>>>>
>>>>> -The Postfix queue entry.
>>>>> -The raw message received via bcc without passing through
>>>>> MailScanner
>>>>> -The {Filename?} message delivered to the recipient after
>>>>> MailScanner
>>>>> -The notice sent as a result of 'Send Notices = yes'
>>>>>
>>>>> Which of these would you like (and may I send it/them off list)?
>>>>>
>>>>>
>>>> All of the above please. Send them zipped up to
>>>> mailscanner at ecs.soton.ac.uk.
>>>>
>>> The files were sent on July 3 as requested. Has there been anything
>>> discovered or done about this?
>>>
>>> --
>>> Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
>>> San Francisco Bay Area, California better use your sense - B. Dylan
>>>
>>> --
>>> MailScanner mailing list
>>> mailscanner at lists.mailscanner.info
>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>>
>>> Before posting, read http://wiki.mailscanner.info/posting
>>>
>>> Support MailScanner development - buy the book off the website!
>>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>>
>>
>
>
Jules
--
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list