Stopping .js in .zip
mark at msapiro.net
Thu Feb 23 03:27:46 UTC 2017
On 02/22/2017 04:29 AM, Trond M. Markussen wrote:
> Thanks for the info. In that case, stopping these attacks should not be a
> problem with the current MS version as I understand it.
I would think so, but I don't have a pre 4.76 version to test/experiment
with so I don't know for sure.
> Could it be a conflict between allowing ZIPs and denying JS files in
> allow \.zip$
> deny \.jse?$
You might try changing the order of 'deny \.jse?$' and 'allow
\.zip$' in that file. I wouldn't think it would matter, but it might.
> Is there perhaps a way to block js files in filetype.rules.conf?
I don't think so. filetype.rules.conf relies on the type reported by the
'file' command, and in testing a few .js files, the report is either
'HTML document, ASCII text' or 'ASCII text' and you certainly don't want
to block those.
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the MailScanner