Problem with mailscanner after upgrading to newest (filename checks)

Rick Cooper rcooper at
Wed Feb 11 16:11:18 GMT 2009

The filename in the reports has been sanitized and made safe, it's not the
full and actual filename as was sent since it was determined to be
potentialy dangerous.


From: mailscanner-bounces at
[mailto:mailscanner-bounces at] On Behalf Of
jonas at
Sent: Wednesday, February 11, 2009 10:35 AM
To: mailscanner at
Subject: Problem with mailscanner after upgrading to newest (filename

Hi list


I got a problem after upgrading to latest mailscanner:


scanner0 MailScanner[30533]: Spam Checks completed at 11761 bytes per second

scanner0 MailScanner[30533]: Filename Checks: Filename contains lots of
white space (1LWooQ-0004kj-1j              195752.pdf)

scanner0 MailScanner[30533]: Other Checks: Found 1 problems


This looks a bit weird to me, is that how it normally looks? A msgid and
then a filename without any commas or anything?


My issue is that mailwatch, the reports etc all report the filename as



MailScanner: A long gap in a name is often used to hide part of it



The email report:

One or more of the attachments (195752.pdf) are on

the list of unacceptable attachments for this site and will not have

been delivered.


Consider renaming the files to avoid this constraint.


The virus detector said this about the message:

Report: MailScanner: A long gap in a name is often used to hide part of it



In both places the filename does not apaer to contain spaces.


Let me dump some maybe related config vars:


Running on

Linux scanner0 2.6.18-6-686-bigmem #1 SMP Fri Dec 12 17:49:59 UTC 2008 i686

This is Perl version 5.008008 (5.8.8)


This is MailScanner version 4.74.16

Module versions are:

1.00    AnyDBM_File

1.26    Archive::Zip

0.23    bignum

1.04    Carp

1.41    Compress::Zlib

1.119   Convert::BinHex

0.17    Convert::TNEF

2.121_08        Data::Dumper

2.27    Date::Parse

1.00    DirHandle

1.05    Fcntl

2.74    File::Basename

2.09    File::Copy

2.01    FileHandle

2.07    File::Path

0.21    File::Temp

0.92    Filesys::Df

3.57    HTML::Entities

3.59    HTML::Parser

3.57    HTML::TokeParser

1.23    IO

1.14    IO::File

1.13    IO::Pipe

2.04    Mail::Header

1.89    Math::BigInt

0.22    Math::BigRat

3.07    MIME::Base64

5.427   MIME::Decoder

5.427   MIME::Decoder::UU

5.427   MIME::Head

5.427   MIME::Parser

3.07    MIME::QuotedPrint

5.427   MIME::Tools

0.11    Net::CIDR

1.25    Net::IP

0.16    OLE::Storage_Lite

1.04    Pod::Escapes

3.07    Pod::Simple

1.09    POSIX

1.19    Scalar::Util

1.78    Socket

2.18    Storable

1.4     Sys::Hostname::Long

0.27    Sys::Syslog

1.26    Test::Pod

0.86    Test::Simple

1.9715  Time::HiRes

1.02    Time::localtime


Optional module versions are:

1.42    Archive::Tar

0.23    bignum

2.03    Business::ISBN

20081208        Business::ISBN::Data

1.12    Data::Dump

1.814   DB_File

1.14    DBD::SQLite

1.607   DBI

1.15    Digest

1.01    Digest::HMAC

2.38    Digest::MD5

2.11    Digest::SHA1

1.01    Encode::Detect

0.17015 Error

0.24    ExtUtils::CBuilder

2.19    ExtUtils::ParseXS

2.37    Getopt::Long

0.45    Inline

1.08    IO::String

1.04    IO::Zlib

2.25    IP::Country

missing Mail::ClamAV

3.002005        Mail::SpamAssassin

v2.006  Mail::SPF

1.999001        Mail::SPF::Query

0.3     Module::Build

0.20    Net::CIDR::Lite

0.63    Net::DNS

v0.003  Net::DNS::Resolver::Programmable

0.39    Net::LDAP

 4.021  NetAddr::IP

1.94    Parse::RecDescent

missing SAVI

3.14    Test::Harness

1.22    Test::Manifest

2.0.0   Text::Balanced

1.37    URI

0.76    version

0.68    YAML




In conf I got:


Expand TNEF = yes

Use TNEF Contents = replace

TNEF Expander = internal


Let me know if anybody can think of stuff I can try to fix this. If its an
issue at all. I guess my real question is how can I know if the attachment
had many whitespaces or not?


Med venlig hilsen / Best regards


Jonas Akrouh Larsen


TechBiz ApS

Laplandsgade 4, 2. sal

2300 København S


Office: 7020 0979

Direct: 3336 9974

Mobile: 5120 1096

Fax:    7020 0978

Web:  <>


This message has been scanned for viruses and 
dangerous content by  <> MailScanner, and is 
believed to be clean. 

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the MailScanner mailing list