Exe and js in zip

[Mark Sapiro]

On 05/23/2016 04:45 AM, Trond M. Markussen wrote:
> 
> What works best for blocking .exe and .js files within zip attachments?
> 
> We seem to have quite a few of these coming through…


Default MailScanner config settings should block these

filename.rules.conf contains

deny    \.jse?$         Possible Microsoft JScript attack
                       JScript Scripts are dangerous in email

deny    \.exe$          Windows/DOS Executable
   Executable DOS/Windows programs are dangerous in email

And both MailScanner and virus scanners look inside zip archives.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan