Foreign filename checking

Kevin Miller Kevin_Miller at ci.juneau.ak.us
Mon Nov 1 18:33:35 GMT 2010 

Greg Pearson wrote:
> On 1/11/2010 7:22 μμ, Kevin Miller wrote:
>> Greg Pearson wrote:
>>> Hello all,
>>> 
>>> some of my users are used to send attachments with foreign filenames
>>> (Russian etc.). It seems that MailScanner cannot properly handle
>>> those filenames when they are converted to UTF8 by the mail client.
>>> So a filename with foreign characters would become something like:
>>> 
>>> "utf-8''%%CE%%95%%CF%%83%%CF%%89%%CF%%84%%CE%%B5%%CF%%81%%CE%%B9%%CE%%BA%%CF%%8C%%CF%%82%%20%%CE%%BA%%CE%%B1%%CE%%BD%%CE%%BF%%CE%%BD%%CE%%B9%%CF%%83%%CE%%BC%%CF%%8C%%CF%%82%%20lomi%%2001%%202008.doc"
>>> 
>>> And hence Mailscanner will complain that this filename is too long,
>>> which is of course not the case. It is mentioned in the Changelog
>>> that the latest version (4.81.4) has dealt with this:
>>> 
>>> "16 Improved handling of Unicode and foreign character sets used in
>>> attachment filenames." 
>>> 
>>> But the problem remains.
>>> 
>>> I wouldn't want to disable the filename length rule completely, so I
>>> would appreciate some help on this.
>>> 
>>> Thanks
>> Is it a discreet set of users sending these?  Or strictly internal
>> users?  Perhaps a ruleset would do the trick if can identify a
>> manageable set of senders...  
>> 
>> 
>> ...Kevin
> Although I am not sure what you mean: I could as well disable the
> rule for everybody, or even add exceptions. But it seems to me this
> is not the proper approach. If Mailscanner is buggy when it comes to
> international support then shouldn't this be filed as a bug instead? 

I agree it would be nice to have a proper fix for it, but sometimes an alternative in the mean time is the best we can get.

You wrote "some of my users".  I don't know if that implies internal users, or outside clients (like an ISP would have).  If they're internal, or there's just a few that you can easily identify, then you can use a rule set to turn off long filename checking on the assumption that the files are more than likely safe.

By way of a slightly dissimilar example, I disallow password protected archives, since I can't scan them for viruses.  However, there are a few external agencies that my users communicate with that need to protect the zip files they send.  For these few I made a ruleset that allows them.  They're trusted, but the rest of the world is still subject to the stock security settings.

On the other hand, if the users are external, and/or not employees or necessarily trusted then you probably wouldn't want to do that.  

...Kevin
-- 
Kevin Miller                Registered Linux User No: 307357
CBJ MIS Dept.               Network Systems Admin., Mail Admin.
155 South Seward Street     ph: (907) 586-0242
Juneau, Alaska 99801        fax: (907 586-4500

More information about the MailScanner mailing list