MS Doesn't completely block spam with faulty attachments
Martin Hepworth
maxsec at gmail.com
Thu Sep 1 12:32:52 IST 2011
what version of MS?
I never inform the sender of junk as you end up with fake messages sent out.
--
Martin Hepworth
Oxford, UK
On 1 September 2011 08:17, Joolee <mailscanner at joolee.nl> wrote:
> Hallo Everybody,
>
> I've experienced a small flood of virus E-mails. These E-mails (subj.: "ACH
> Payment *random number* Canceled") contain attachments named like:
> "report_082011-65.pdf.exe"
> They obviously get blocked by the "no executables" and "No double file
> extensions" rules. The problem is that after blocking them, an automated
> E-mail is send to the original recipient and the (faked) sender of the
> message, informing them of the blocked attachment.
>
> Had the E-mails been processed further, they would've probably hit the
> virusscanner (not tested) or spamassassin (gives a score of 27 when tested)
> and the E-mail would've silently been discarded as a virus / spam /
> phishing.
>
> Is it possible to let the MailScanner continue it's processing when hitting
> the file name rules and / or running the filename rule at a later time?
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20110901/ae18f72a/attachment.html
More information about the MailScanner
mailing list