shtml attachment files ?
Shawn Iverson
shawniverson at summitgrid.com
Thu Jul 28 14:39:49 UTC 2022
shtml should be safe to block
In the case of .html, you can use some additional regex if the names
have a certain unique characteristic. Just not msg-.*.html. That will
block legit mail.
On 7/28/22 08:14, mailscanner at barendse.to wrote:
> Hi list
>
> I tried blocking \.htm$ and \.html$ in my filename.rules.conf before
> but found that this effectively blocked nearly each and every email
> that was coming in so I have to allow that for as long as MailScanner
> cannot differentiate between an attached .html file or html text in
> the mail itself
>
> Just received another fake/phishing email with an .shtml attachment
> which includes server side includes google taught me.
>
> Would it be OK to block that or will I also lose mail? If, then maybe
> it's a good addition to the standard MS filename rules?
>
> Thanks!
>
>
More information about the MailScanner
mailing list