Allow filenames

Danita Zanre danita at caledonia.net
Thu Feb 16 00:28:27 UTC 2017 

Perfect - thanks!


Danita Zanrè, Move Out of the Office
I love my job, and you can too!
Tel: (720) 319-7530 - Caledonia Network Consulting
Tel: (720) 319-8240 - Move Out of the Office


On February 15, 2017 at 5:25:26 PM, Mark Sapiro (mark at msapiro.net) wrote:

On 02/15/2017 12:44 PM, Danita Zanre wrote:  
> I have a sender who makes PDFs from Excel spreadsheets, and creates the  
> names as "GD021517-5.xls.pdf”. These are being blocked as "MailScanner:  
> Attempt to hide real filename extension”. I’d like to allow these for a  
> particular receiving domain only (we have multiple domain names that our  
> system scans for. I thought I had seen a setting that would allow this,  
> but I can no longer find it.  


At the end of /etc/MailScanner/filename.rules.conf you will see  


> # Allow repeated file extension, e.g. blah.zip.zip  
> allow (\.[a-z0-9]{3})\1$ - -  
>  
> # Allow days of the week and months in doc names, e.g. blah.wed.doc  
> allow \.(mon|tue|wed|thu|fri|sat|sun)\.[a-z0-9]{3}$ - -  
> allow \.(jan|feb|mar|apr|may|jun|june|jul|july|aug|sep|sept|oct|nov|dec)\.[a-z0-9]{3}$ - -  
>  
> # Deny all other double file extensions. This catches any hidden filenames.  
> deny \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$ Found possible filename hiding Attempt to hide real filename extension  

If all you want is to allow names that end with .xls.pdf, add the line  

allow	\.xls\.pdf$	-	-  

ahead of the # Deny comment, or if you want to allow all double  
extensions, just remove the # Deny comment and the following deny line.  

Also read the info at the beginning of the file, especially the part  
about using tabs, not spaces as field delimiters.  

--  
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,  
San Francisco Bay Area, California better use your sense - B. Dylan  


--  
MailScanner mailing list  
mailscanner at lists.mailscanner.info  
http://lists.mailscanner.info/mailman/listinfo/mailscanner  


--  
This message has been scanned for viruses and  
dangerous content by Iris MailScanner, and is  
believed to be clean.  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20170215/2e540de5/attachment.html>

More information about the MailScanner mailing list