Bypass filtetype or filename blocking and quarantine

George Papamichelakis gpapamichelakis at
Sat Dec 1 11:15:02 UTC 2018

On 11/30/18 10:45 PM, Mark Sapiro wrote:
> On 11/30/18 11:11 AM, George Papamichelakis wrote:
> However, I was mistaken when I said you couldn't use the %...% notation
> in a ruleset file. I have tested that and the %...% substitutions do
> work in rules files.

I have repeated the checks, add my email to filename.rules (attached) 
and send one message from

gmail account to subject server, this is an attachement zip file which 
was previous blocked by other user,

the message stomped as I can see :

Report: 	MailScanner: Attempt to hide real filename extension (55.TIP.pdf)
MailScanner: Attempt to hide real filename extension (55.TIP.pdf)

Attached also is the allowall rules file . In my conf.d setup file  I have :

Filename Rules = %rules-dir%/filename.rules
Filetype Rules = %rules-dir%/filetype.rules

I also tried replacing  %etc-dir% and %rules-dir% with the actual path 
and got the same result.

I'm using 5.0.2 mailscanner by the way if this rings any bell , I can't 
upgrade yet to current version due

to other reasons.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
# This Ruleset will allow all attached files to pass
allow	.*	-	-

-------------- next part --------------
# File to control which domains get filename checking
# mail form or to will not have filenames checked
From:	gpapamichelakis at		%etc-dir%/filename.rules.allowall.conf

FromOrTo:	default		%etc-dir%/filename.rules.conf

More information about the MailScanner mailing list