filetype rules and pptx files

Julian Field MailScanner at ecs.soton.ac.uk
Wed May 6 09:54:28 IST 2009



On 05/05/2009 21:46, Scott Silva wrote:
> on 5-5-2009 10:44 AM Paul Lemmons spake the following:
>    
>> Our CIO (of all people) is trying to send a PowerPoint 2007 document and
>> it is getting rejected. It turns out that the .pptx file is really a zip
>> archive and within that archive there is a file named "0000.dat" which
>> is getting identified as a DOS executable. When I extract the file and
>> run the file command against it I get the following:
>>
>> $ file  0000.dat
>> 0000.dat: DOS executable (device driver) for DOS
>>
>> $ file -i 0000.dat
>> 0000.dat: text/plain charset=iso-8859-1
>>
>> When I look at the file itself, it appears to be a bunch of binary zeros.
>>
>> I have tried to to add the following line to the filetypes.rules file:
>>
>> allow   -               text\/plain             -                       -
>> allow   -               text/plain              -                       -
>>
>> with no success.
>>
>> I also tried adding  the following line to the filenames.rules file:
>>
>> allow   \.dat$                  -       -
>>
>> with no success.
>>
>> And to save time on an obvious question or two, Yes, I am using tabs
>> between fields and Yes I am restarting MailScanner after an update.
>>
>> I am hoping that it is something very simple that I am missing. Any
>> assistance would be greatly appreciated.
>>
>>      
> The latest version has some conveniences added for this type of situation.
> Download, install, and read the changelog, and your life might get easier!
>
>    
Yes, you want the latest release with a filetype rule allowing 
executables in archives,
*or else*
Use the MIME type of the 0000.dat file and put in a line allowing that 
in the normal filetype.rules.conf, but read the stuff at the top of the 
file on how to specify the MIME type of the file, and put the rule above 
the line that denies executables. "file -i" which works out the MIME 
type, often produces different results from "file" which is what is 
normally used. The filetype.rules.conf file allows you to specify the 
MIME type instead of the keywords to look for in the output of the 
"file" command, read the docs.

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM and twitter.com/MailScanner


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list