FileType rules show executable even though file shows data --
Please help fix.
Julian Field
MailScanner at ecs.soton.ac.uk
Tue Jul 6 18:00:13 IST 2010
It's talking about the attachment in the message, not the message
body+headers itself.
Do a "file" on msg-16388-1.txt (not a "file -i").
On 06/07/2010 16:43, Peter Ong wrote:
> Hello Everyone,
>
> I really need help on this filetype issue.
>
> First, when I scan the original message it shows as "data", and when I scan the mime version, it shows as "text/x-mail; charset=unknown".
>
> I keep getting this message even after I have edited the filetype.conf.rules file:
> At Tue Jul 6 08:29:47 2010 the virus scanner said:
> MailScanner: No programs allowed (msg-16388-1.txt)
>
>
> Proof:
> [root at gateway005.inf 64BCE572B7.A0F44]# file 64BCE572B7
> 64BCE572B7: data
>
> [root at gateway005.inf 64BCE572B7.A0F44]# file -i msg-16388-1.txt
> msg-16388-1.txt: text/x-mail; charset=unknown
>
> HELP!!! What can I do? Thank you in advance.
>
>
>
>
>
>
>
>
>
> These are the contents of my filetype.conf.rules file:
>
>
>
> allow - text - -
> allow - text - -
> allow - text/x-mail - -
> allow - text/plain - -
> allow - message/rfc822 - -
> allow - text/x-mail - -
> allow - text/x-mail; charset=unknown - -<<<<<<<<<<<<<<< I added this
> allow - text/plain - -
> allow - text/plain; charset=unknown - -
> allow - text/plain; charset=iso-8859-1 - -
> allow - text/plain; charset=utf-8 - -
> allow - text/plain; charset=iso-8859-1 - -
> allow text text/x-mail - -
> allow text text/plain - -
> allow text message/rfc822 - -
> allow data text/x-mail; charset=unknown - -<<<<<<<<<<<<<< I added this
> allow data text/x-mail - -
> allow data text/plain - -
> allow data text/plain; charset=unknown - -
> allow data text/plain; charset=iso-8859-1 - -
> allow data text/plain; charset=utf-8 - -
> allow RFC 822 mail text text/plain; charset=iso-8859-1 - -
>
> allow text - -
> allow data - -
> allow \bscript - -
> allow archive - -
> allow postscript - -
> deny self-extract No self-extracting archives No self-extracting archives allowed
> deny executable No executables No executables allowed<<<<<<<<<<<<<<<<<<< keeps getting caught here...
> #EXAMPLE: deny - x-dosexec No DOS executables No DOS programs allowed
> deny - x-dosexec No DOS executables No DOS programs allowed
> deny ELF No executables No programs allowed
> deny Registry No Windows Registry entries No Windows Registry files allowed
>
> #deny MPEG No MPEG movies No MPEG movies allowed
> #deny AVI No AVI movies No AVI movies allowed
> #deny MNG No MNG/PNG movies No MNG movies allowed
> #deny QuickTime No QuickTime movies No QuickTime movies allowed
> #deny ASF No Windows media No Windows media files allowed
> #deny metafont No Windows Metafont drawings No WMF drawings allowed
>
Jules
--
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Need help customising MailScanner?
Contact me!
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM and twitter.com/MailScanner
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner
mailing list