Does Mailscanner Rename
Heino Backhaus
heino.backhaus at fink-computer.de
Fri Mar 27 14:03:20 GMT 2015
Hello All,
I enjoy using mailscanner for many years now. Thanks to all.
I would realy appreciate your help with a problem i was running across.
The first question is. Does Mailscanner rename a file with a CLSID in
the filename to something like this: CLIP-%7B8EC58011.bmp ?
Now to my problem:
An attached bitmap (a companys logo) triggeres the CLSID Filename rule.
The MailWatch report says:
Report: MailScanner: Files containing CLSID's are trying to hide their
real type (CLIP-%7B8EC58011.bmp)
The corresponding rule from filename.rules.conf is stated below:
# Deny filenames containing CLSID's
deny \{[a-hA-H0-9-]{25,}\} Filename trying to hide its real type
Files containing CLSID's are trying to hide
their real type
A strange thing is that this file downloaded from Mailwatch and attached
to a new (html) mail will pass the Mailscanner.
So i think it's renamed and may not be the original name...
But when you try to release the mail from quarantine it triggers
the CLSID-Rule again ... I'm a little confused about this and need help.
Thanks in advance.
My Softwareversions are:
MailWatch Version = 1.2.0 - Beta 5
MailScanner Version = 4.84.6
PHP Version = 5.5.9-1ubuntu4.7
MySQL Version = 5.5.41-0ubuntu0.14.04.1
--
"In retrospect it becomes clear that hindsight is definitely overrated!"
-Alfred E. Neumann
More information about the MailScanner
mailing list