wrong detection of file?

Antony Stone Antony.Stone at mailscanner.open.source.it
Tue May 28 15:51:22 UTC 2019


On Tuesday 28 May 2019 at 17:38:03, Peter Farrow wrote:

> Dear Louis,
> 
> A file ending in ".com" is a computer code executable program.
> 
> Mailscanner is seeing "example.com" and disallowing it as a potential
> executable.

So why is it:

a) reporting "SSL Server Tes.com" as the filename?

b) thinking the filename ends in .com when it actually ends in .pdf (and is 
what Windows would pay attention to, no matter what's in the middle of the 
name)?

> This is normal expected and by design behaviour,

I disagree.

Even if it were true, this would be a bug, because MailScanner would be 
treating filenames differently from the way Windows treats them, and therefore 
generating false positives.


Antony.

> On 28/05/2019 15:43, L.P.H. van Belle via MailScanner wrote:
> > Hai Shawn,
> > 
> > 
> > Have you ever seen something like this.
> > 
> > I just e-mailed a file, with a name as shown below.
> > SSL Server Test hostname.example.com (Powered by Qualys SSL Labs).pdf
> > 
> > The resport shows :
> > Message: Executable DOS/Windows programs are dangerous in email (SSL
> > Server Tes.com) And its shown in mailwatch as :  application/pdf;
> > charset=binary
> > 
> > Now the thing i dont get here is, how is the name "SSL Server Tes.com"
> > constructed from The name : SSL Server Test hostname.example.com
> > (Powered by Qualys SSL Labs).pdf
> > 
> > I only change the hostname and domain here, i kept the format exact the
> > same.
> > 
> > Greetz,
> > 
> > Louis

-- 
In Heaven, the beer is Belgian, the chefs are Italian, the supermarkets are 
British, the mechanics are German, the lovers are French, the entertainment is 
American, and everything is organised by the Swiss.

In Hell, the beer is American, the chefs are British, the supermarkets are 
German, the mechanics are French, the lovers are Swiss, the entertainment is 
Belgian, and everything is organised by the Italians.

                                                   Please reply to the list;
                                                         please *don't* CC me.


More information about the MailScanner mailing list