Mailscanner 4.79-11-1 for CentOS (5.5 x64) ignoring filename rules?

Alex Crow alex at
Thu Aug 5 20:08:12 IST 2010

On 05/08/10 19:33, Jules Field wrote:
>> The trouble is, I also had this with a test such as "<some random ssl 
>> cert>.crt.txt", which is certainly not repeated.
> Yes, but .txt is probably allowed by a rule further up in the table. 

Just noticed this line in your reply: doesn't this negate the utility of 
checking for double extensions? Bear in mind I'm using the 
filename.rules.conf supplied with MailScanner. This suggests that 
someone could send, say, malicious HTML file with .html.txt as the 
extension and it would be passed. I'm sure the ancient version we used 
to use with Debian Etch (from the repos of that distro) would block such 
files. I've compared the rules files between the two and .txt is allowed 
first in both, but the Etch install did catch "

Sorry if I'm being blind to something in the docs or FAQs but this does 
look like a change in behaviour.


More information about the MailScanner mailing list