SV: SV: Stopping .js in .zip

Trond M. Markussen markussen at media24.no
Wed Feb 22 12:29:49 UTC 2017 

Thanks for the info. In that case, stopping these attacks should not be a
problem with the current MS version as I understand it.

Could it be a conflict between allowing ZIPs and denying JS files in
filename.rules.conf?
allow   \.zip$ 
deny    \.jse?$

By the way, we have Maximum Archive Depth = 5.

Is there perhaps a way to block js files in filetype.rules.conf?

Regards,

Trond M.

-----Opprinnelig melding-----
Fra: MailScanner
[mailto:mailscanner-bounces+markussen=media24.no at lists.mailscanner.info] På
vegne av Mark Sapiro
Sendt: 21. februar 2017 18:16
Til: mailscanner at lists.mailscanner.info
Emne: Re: SV: Stopping .js in .zip

On 02/21/2017 05:53 AM, Trond M. Markussen wrote:
> Thanks for the feedback. I noticed that there was no " Archives Are" 
> setting in MailScanner.conf, presumably  this was added in a later 
> version (we are running 4.74.16).


It was added in 4.76.1.


> - Is there another way to make sure .js witnin .zip files are stopped 
> (using the current version)?


I don't recall for sure, but I think in versions prior to 4.76, the same
filename rules were applied to files inside archives just as to unarchived
files.


> - Would you recommend upgrading to the latest version (if so, is this 
> a complicated and/or risky process)?


Upgrading would be good, but the latest (v5) versions have significant
changes so the process isn't completely turnkey.

There are still v4 packages at

https://s3.amazonaws.com/msv4/rpm/MailScanner-4.85.3-1.rpm.tar.gz
https://s3.amazonaws.com/msv4/suse/MailScanner-4.85.3-1.suse-rpm.tar.gz
https://s3.amazonaws.com/msv4/tar/MailScanner-4.85.3-1.tar.gz
https://s3.amazonaws.com/msv4/deb/MailScanner-4.85.3-1.deb.tar.gz

and a later deb at

https://s3.amazonaws.com/msv4/deb/MailScanner-4.86.1-1.deb.tar.gz

although the other 4.86.1-1 versions don't seem to be there.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan


--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

More information about the MailScanner mailing list