Rules for letters with attachments

Valentin Laskov it at festa.bg
Thu Feb 27 13:27:31 GMT 2014 

Hi Jerry, Hi Steve,

First of all, thank you for your answers!

Jerry, in this case I don't care for senders and yes, in my MailScanner.conf
Notify Senders Of Viruses = no
I can set
Notify Senders Of Blocked Filenames Or Filetypes = yes
to NO but this is not my aim. I would like to protect recipients of unnecessary letters.
MailScanner and Clamd work well and other files are detected as viruses.

Steve, I'm using the official ClamAV signatures only. I looked at the descriptions of Foxhole databases, but their action if I'm not 
wrong, covers the operation of MailScanner or are not intended for new .exe viruses.

I attached a Bad Filename Detected report below.

Cheers,
Valentin

The following e-mails were found to have: Bad Filename Detected

    Sender: brunchskt1 at gmail.com
IP Address: 71.59.80.26
 Recipient: kkkkk at festa.bg
   Subject: image Id 942349204-PicL7674 TYPE==MMS
 MessageID: s1RDGcHS022468
Quarantine: /var/spool/MailScanner/quarantine/20140227/s1RDGcHS022468
    Report: MailScanner: Executable DOS/Windows programs are dangerous in email (IMG000006371.exe)
            No programs allowed (IMG000006371.exe)
    Report: MailScanner: Executable DOS/Windows programs are dangerous in email (IMG000006371.exe)
            No programs allowed (IMG000006371.exe)

Full headers are:

 Return-Path: <g>
 Received: from c-71-59-80-26.hsd1.nj.comcast.net (c-71-59-80-26.hsd1.nj.comcast.net [71.59.80.26])
  by mail.festa.bg (8.14.1/8.14.1) with ESMTP id s1RDGcHS022468
  for <kkkkk at festa.bg>; Thu, 27 Feb 2014 15:16:40 +0200
 Received: from apache by leebenbbgnccfghb. with local (Exim 4.63)
  (envelope-from <gearkff3 at yahoo.com>)
  id 1EKF1Z-S649PO-22
  for <kkkkk at festa.bg>; Thu, 27 Feb 2014 08:16:39 -0500
 To: <kkkkk at festa.bg>
 Subject: image Id 942349204-PicL7674 TYPE==MMS
 Date: Thu, 27 Feb 2014 08:16:39 -0500
 From: mms.service9105 at mms.Vodafone.co.uk
 Message-ID: <07DB53C2B8DB8357FB60848BC4946124 at leebenbbgnccfghb.>
 X-Priority: 3
 X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
 MIME-Version: 1.0
 Content-Type: multipart/alternative;
  boundary="------------01050100901040406020602"

More information about the MailScanner mailing list