Issue with MailScanner not blocking incoming attachments that SHOULD be denied.
Mark Sapiro
mark at msapiro.net
Thu Nov 14 00:24:51 GMT 2013
On 11/13/2013 03:35 PM, Jason Young wrote:
>
> My testing has so far been to use an external mail server to send an
> attached windows executable file (.exe) to an internal exchange
> account. I have tried both using an outlook external client and also a
> native Linux based web client with the same result (i.e. the exe file is
> delivered to the exchange account).
Is the file actually a DOS executable file, i.e., what does the CentOS
'file' command say it is?
> And the email that arrives has the following header (extract):
>
>
>
> Content-Type: multipart/mixed; boundary="----=_20131114101356_40730"
And what are the part headers for the attached file? I.e. does it have a
name and does the name end in .exe?
> Running MailScanner –lint gives the following output :
...
> ===========================================================================
>
> Filename Checks: Windows/DOS Executable (1 eicar.com)
Here MailScanner recognizes a .com. Have you tried a .com in your testing.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the MailScanner
mailing list