How to allow double extension file?

J Gao jgao at veecall.com
Tue Jul 17 23:09:33 IST 2012


On 12-07-17 12:56 AM, Joolee wrote:
> filename.rules.conf
> filetype.rules.conf
> *archives.filename.rules.conf*
> archives.filetype.rules.conf
>
> Which one were you editing?
>
> On 16 July 2012 21:13, J Gao <jgao at veecall.com
> <mailto:jgao at veecall.com>> wrote:
>
>     On 12-07-16 09:32 AM, J Gao wrote:
>      > Hello,
>      >
>      > We have a client send us email with zipped attachment. It contain
>     files
>      > like:
>      > file1.shp.xml
>      > file2.kmz.kml
>      >
>      > I added two lines on the bottom of the filename.rules.conf:
>      > allow   \.shp\.xml$                     -       -
>      > allow   \.kmz\.kml$                     -       -
>      >
>      > But the MailScanner still detect them as "Bad Filename" and drop them
>      > into quarantine:
>      >
>      >    MessageID: 5482680A2.A554E
>      > Quarantine:
>     /var/spool/MailScanner/quarantine/20120713/5482680A2.A554E
>      >       Report: MailScanner: Attempt to hide real filename
>     extension (aral.shp.xml)
>      >
>      >
>      >
>      > How can I let MailScanner know these are safe file name and let them
>      > pass through?
>      >
>      > Thanks
>      >
>      > Gao
>      >
>
>     Well, I tried all you guys suggestion and I still get trouble when I
>     test the rule. I restarted MailScanner every time after modify the file.
>
>     Here I put a tiny test file online. This zip file contain a single
>     .shp.xml file. (This is generated by some program in Windows). Anyway
>     you can see that just a flat XML file but just with a double extension
>     file name:
>     http://dl.dropbox.com/u/3442771/test.zip
>
>     BTW, even I enable (although I don't like the idea):
>
>     # Deny all other double file extensions. This catches any hidden
>     filenames.
>     allow    \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$   Found possible filename
>     hiding
>
>     It's still block my test.zip file!
>
>     Could someone can test is with my test.zip file above and let me know
>     the solution?
>
>     Thanks a lot.
>
>     Gao
>
>
>
>     [UPDATE]
>
>     I just tried to put the rule on the very beginning of the conf file:
>
>     test result:
>     1. zip file still get blocked!
>     2. BUT if I attach the .shp.xml file without zip it, it passed!
>
>     So there is something going on with the unzip/scan ?
>
>     Gao
>
>
>
>
>     --
>
>     --
>     MailScanner mailing list
>     mailscanner at lists.mailscanner.info
>     <mailto:mailscanner at lists.mailscanner.info>Thanks
>     http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>     Before posting, read http://wiki.mailscanner.info/posting
>
>     Support MailScanner development - buy the book off the website!
>
>
>
>

Thanks a lot. I got it works.

I need configure both file.

Gao

-- 



More information about the MailScanner mailing list