filetype rules and pptx files

Paul Lemmons paul.lemmons at tmcaz.com
Wed May 6 22:13:12 IST 2009 


-------- Original Message  --------
Subject: filetype rules and pptx files
From: Julian Field <MailScanner at ecs.soton.ac.uk>
To: MailScanner discussion <mailscanner at lists.mailscanner.info>
Date: 05/06/2009 01:54 AM
> On 05/05/2009 21:46, Scott Silva wrote:
>   
>> on 5-5-2009 10:44 AM Paul Lemmons spake the following:
>>    
>>     
>>> <snip>
>>>
>>> $ file  0000.dat
>>> 0000.dat: DOS executable (device driver) for DOS
>>>
>>> $ file -i 0000.dat
>>> 0000.dat: text/plain charset=iso-8859-1
>>>
>>> When I look at the file itself, it appears to be a bunch of binary zeros.
>>>
>>> I have tried to to add the following line to the filetypes.rules file:
>>>
>>> allow   -               text\/plain             -                       -
>>> allow   -               text/plain              -                       -
>>>
>>> with no success.
>>>
>>> <snip>   
>>>       
>> <snip>   
>>     
> <snip>
>
> *or else*
> Use the MIME type of the 0000.dat file and put in a line allowing that 
> in the normal filetype.rules.conf, but read the stuff at the top of the 
> file on how to specify the MIME type of the file, and put the rule above 
> the line that denies executables. "file -i" which works out the MIME 
> type, often produces different results from "file" which is what is 
> normally used. The filetype.rules.conf file allows you to specify the 
> MIME type instead of the keywords to look for in the output of the 
> "file" command, read the docs.
>
> Jules
>
>   
The "*or else*" is what I had originally tried. If this should work then 
I have clearly done something wrong. The allow statements above do 
precede the deny statements. As you see I tried a pattern where the "/" 
was escaped and one without with no cheese down either hole.

Here is a snippet from my filetypes.rules file:

<snip>
# makes the checked text check against the MIME type of the attachment
# as determined by the output of the "file -i" command.

allow   -               text/plain              -                       -
allow   text            -                       -
allow   \bscript        -                       -
allow   archive         -                       -
allow   postscript      -                       -
deny    self-extract    No self-extracting archives     No 
self-extracting archives allowed
deny    executable      No executables          No programs allowed
<snip>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3316 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20090506/9812f2ae/smime.bin

More information about the MailScanner mailing list