Mailscanner 4.79-11-1 for CentOS (5.5 x64) ignoring filename rules?

Alex Crow alex at nanogherkin.com
Thu Aug 5 19:26:31 IST 2010


On 05/08/10 19:06, Jules Field wrote:
> That is entirely as expected, due to the rule
>
> # Allow repeated file extension, e.g. blah.zip.zip
> allow   (\.[a-z0-9]{3})\1$      -       -
>
> which appears before the double-extension-check rule, as it causes it 
> to allow files where people have accidentally doubled up the same 
> extension.
>
> Jules.
>
Dear Jules,

The trouble is, I also had this with a test such as "<some random ssl 
cert>.crt.txt", which is certainly not repeated. In fact, I've tried so 
many combinations and none of them have ever been flagged (unless 
they've had exe or dll or the like in there somewhere, when they don't 
trigger on the multiple extension but instead on executable content.)

I will try disabling the "repeat" rule and see what happens anyway.

Cheers

Alex


More information about the MailScanner mailing list