File(name|type) rules - was hijacked: "Allow Script Tags" affects attachments?

[Mark Sapiro]

On 02/05/2017 04:06 PM, Paul Scott wrote:
> In the MAILSCANNER.CONF file, I find this statement:
> 
> # In the "Filename Rules" and "Filetype Rules" rule files, you can
> # say that you want particular attachment names or types to be "disarmed"
> # by being renamed. See the sample files for examples of this.
> 
> First, I do not know where these "sample files" are.  I have searched for them, but cannot find them.


The "sample" files are in /etc/MailScanner/. Their names are
archives.filename.rules.conf, archives.filetype.rules.conf,
filename.rules.conf and filetype.rules.conf. They are both samples and
the actual working files configured by default.


> I am having issues with allowing my users the ability to attach .PDF and .DOC and other
types of files, and either send or receive them.
> 
> This issue only started after the upgrade to the 5.0 version.


The default rules do not disallow .pdf or .doc files so there is
something else going on.


> Does someone have a clear explanation on how to go ahead and allow users to send/receive emails with .PDFs and .DOC (Word) files (just to start with)?


Please tell us what happens when an email is sent with an attached .pdf
or .doc file. What does MailScanner log in the system mail log and what
does the received message contain.

One possibility is the attachments are being denied if they seem to have
double extensions, e.g. "Joes.file.pdf. I.e., with some exceptions if
the actual extension is preceded by a period and 3 or 4 alphanumerics,
it is a bad name. This is intended to stop things like

"innocent_name.txt                        .exe"

but stops a lot more than that.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan