From mark at msapiro.net Thu Jul 1 00:18:53 2021 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 30 Jun 2021 17:18:53 -0700 Subject: Ban .html as attachment but not html mails? In-Reply-To: <15a5f628-7a47-573a-fc8a-fa4933248aa@barendse.to> References: <15a5f628-7a47-573a-fc8a-fa4933248aa@barendse.to> Message-ID: <58ad9c44-173a-9508-983b-b718487631e7@msapiro.net> On 6/30/21 12:30 PM, Remco Barendse wrote: > MOre and more malicious emails are coming in with .html as an attachment. > > I do not need my users to receive .html files, ever > > Blocking them in /etc/MailScanner/filename.rules.conf > #deny?? \.htm$????????? Dangerous attachment type #deny > \.html$???????? Dangerous attachment type > > Blocks every email in html, not exactly what I wanted. > > What is the proper way to do it? Consider that most MUAs that compose "rich text" email will create a message with the following MIME structure multipart/alternative text/plain a plain text rendition of the message text/html a rich text rendition of the message Compare that to the structure of a message with a plain text body and an HTML attachment. multipart/mixed text/plain the plain text message text/html an HTML attachment MailScanner currently does not distinguish between these two cases. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From jmgorro at gmail.com Tue Jul 6 05:10:51 2021 From: jmgorro at gmail.com (Josep M Gorro) Date: Tue, 6 Jul 2021 07:10:51 +0200 Subject: TLS on MailScanner Message-ID: Hello all. I have a MailScanner server analyzing all SMTP between internal MTA (with certificate) and the world. I would like to be sure if I need to implement TLS 1.2 in some way on it or is just required between on-premises MTA and the receiver MTA. Thanks. -- http://www.linkedin.com/in/jmgorro -------------- next part -------------- An HTML attachment was scrubbed... URL: