MailScanner fix for Exchange TNEF vuln?

Paul Welsh paul.welsh.3 at
Wed Feb 11 13:51:49 GMT 2009

In MailScanner 4.71.10-1 and 4.74.16-1 at least, the default settings
for TNEF in MailScanner.conf are:

Expand TNEF = yes
Use TNEF Contents = replace
Deliver Unparsable TNEF = no

So many MailScanner users will be protected without knowing it.

I have an unpatched Exchange server and also use Sophos on my
MailScanner box.  I've just noticed that I could have probably used
"Expand TNEF = no" because Sophos can check attachments within TNEF.

Obviously I'll keep the "Use TNEF Contents = replace" setting in place
but does anyone know whether "Expand TNEF = no" is compatible with
"Use TNEF Contents = replace"?
