SV: SV: Stopping .js in .zip
Trond M. Markussen
markussen at media24.no
Wed Feb 22 12:29:49 UTC 2017
Thanks for the info. In that case, stopping these attacks should not be a
problem with the current MS version as I understand it.
Could it be a conflict between allowing ZIPs and denying JS files in
By the way, we have Maximum Archive Depth = 5.
Is there perhaps a way to block js files in filetype.rules.conf?
[mailto:mailscanner-bounces+markussen=media24.no at lists.mailscanner.info] På
vegne av Mark Sapiro
Sendt: 21. februar 2017 18:16
Til: mailscanner at lists.mailscanner.info
Emne: Re: SV: Stopping .js in .zip
On 02/21/2017 05:53 AM, Trond M. Markussen wrote:
> Thanks for the feedback. I noticed that there was no " Archives Are"
> setting in MailScanner.conf, presumably this was added in a later
> version (we are running 4.74.16).
It was added in 4.76.1.
> - Is there another way to make sure .js witnin .zip files are stopped
> (using the current version)?
I don't recall for sure, but I think in versions prior to 4.76, the same
filename rules were applied to files inside archives just as to unarchived
> - Would you recommend upgrading to the latest version (if so, is this
> a complicated and/or risky process)?
Upgrading would be good, but the latest (v5) versions have significant
changes so the process isn't completely turnkey.
There are still v4 packages at
and a later deb at
although the other 4.86.1-1 versions don't seem to be there.
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
MailScanner mailing list
mailscanner at lists.mailscanner.info
More information about the MailScanner