Filename.rules.conf
Kevin Miller
kevin.miller at juneau.org
Tue Oct 8 20:14:59 UTC 2019
I've recently set up dmarc and have been getting reports that often have multiple extensions. I've tried messing with the filename.rules.conf entries to allow some of them through but so far I haven't found the magic combination to do so.
MailScanner sends this:
Report: MailScanner: Attempt to hide real filename extension (1emailsrvr.com.xml)
although the real filename is found in this mail.log entry:
Oct 8 11:47:05 mxt MailScanner[43737]: Filename Checks: Found possible filename hiding (E0CFA1001B6.AE939 emailsrvr.com!juneau.org!1569974400!1570060800!e0c093e8-0e44-4ac4-9ce8-c9cac0aa676c.xml)
This file is actually contained in
emailsrvr.com!juneau.org!1569974400!1570060800!e0c093e8-0e44-4ac4-9ce8-c9cac0aa676c.zip
for whatever that's worth.
Entries I've tried in filename.rules.conf are:
allow \.xml$ - -
allow \*\.com*\.xml$ - -
allow \*\.com*\.zip$ - -
as well as entries without the "*"
So how does one all these through?
Thanks...
...Kevin
--
Kevin Miller
907 586-0242
City & Borough of Juneau
More information about the MailScanner
mailing list