Blocking custom file extension is not working
Pieter Goris
Pieter.Goris at cisanet.be
Fri Feb 5 13:41:50 UTC 2016
So I managed to block the .()bat with this rule:
deny \.[(][)][a-zA-Z0-9][a-zA-Z0-9][a-zA-Z0-9] Possible malicious file Files hiding behind () are often malicious
Now the question is why dll are blocked but not the ones sent by the test system?
Regards,
Pieter Goris
------------------------------------------------------------------
This message has been scanned for viruses and dangerous content by
Cisa Antispam Service, and is believed to be clean.
------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20160205/caf27ade/attachment.html>
More information about the MailScanner
mailing list