Exe and js in zip

Mark Sapiro mark at msapiro.net
Tue May 24 05:49:37 UTC 2016

On 05/23/2016 04:45 AM, Trond M. Markussen wrote:
> What works best for blocking .exe and .js files within zip attachments?
> We seem to have quite a few of these coming through…

Default MailScanner config settings should block these

filename.rules.conf contains

deny    \.jse?$         Possible Microsoft JScript attack
                       JScript Scripts are dangerous in email

deny    \.exe$          Windows/DOS Executable
   Executable DOS/Windows programs are dangerous in email

And both MailScanner and virus scanners look inside zip archives.

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the MailScanner mailing list