Stopping .js in .zip

Mark Sapiro mark at
Thu Feb 23 03:27:46 UTC 2017

On 02/22/2017 04:29 AM, Trond M. Markussen wrote:
> Thanks for the info. In that case, stopping these attacks should not be a
> problem with the current MS version as I understand it.

I would think so, but I don't have a pre 4.76 version to test/experiment
with so I don't know for sure.

> Could it be a conflict between allowing ZIPs and denying JS files in
> filename.rules.conf?
> allow   \.zip$ 
> deny    \.jse?$

You might try changing the order of 'deny    \.jse?$' and 'allow
\.zip$' in that file. I wouldn't think it would matter, but it might.

> Is there perhaps a way to block js files in filetype.rules.conf?

I don't think so. filetype.rules.conf relies on the type reported by the
'file' command, and in testing a few .js files, the report is either
'HTML document, ASCII text' or 'ASCII text' and you certainly don't want
to block those.

Mark Sapiro <mark at>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the MailScanner mailing list