shtml attachment files ?

mailscanner at barendse.to mailscanner at barendse.to
Mon Sep 26 08:28:06 UTC 2022



On Thu, 28 Jul 2022, Shawn Iverson via MailScanner wrote:

> It is happening during the mime parsing operation when the mime is split into 
> text and html parts. It assigns a name msg-<id>.html to the html mime part.


Is there any way to avoid that, can we assign a different name, other than 
.html ?

The number of .html attachments with links to a partial virus payload and that 
are slipping through undetected is increasing and it's worrying. I have a 
pretty decent proxy/filter but.........


> On 7/28/22 11:21, Mark Sapiro wrote:
>> On 7/28/22 05:14, mailscanner at barendse.to wrote:
>>> Hi list
>>> 
>>> I tried blocking \.htm$ and \.html$ in my filename.rules.conf before but 
>>> found that this effectively blocked nearly each and every email that was 
>>> coming in so I have to allow that for as long as MailScanner cannot 
>>> differentiate between an attached .html file or html text in the mail 
>>> itself
>> 
>> This is curious. Most common MUAs tend to be configured to compose 
>> multipart/alternative mail with text/plain and text/html alternative parts, 
>> but the text/html part does not have a `name` parameter in the 
>> Content-Type: header nor does it have a Content-Disposition: header at all. 
>> So where is MailScanner getting a *.html filename for these parts?
>> 
>> 
>
>
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>


More information about the MailScanner mailing list