<html>
<head>
</head>
<body>
Thanks for the idea. After reviewing this file I see that I would remove
EXE and COM by these lines:<br>
<br>
deny \.exe$<br>
deny \.com$<br>
<br>
Is this true?<br>
<br>
But I don't really understand how I would detect the EXE if the sender renames
it to say 'ccx' for example. Or am I missing something? I would like to know
if it's an executable by the information in the attachment itself (even if
zipped).<br>
<br>
Miguel<br>
<br>
Matt Doherty wrote:<br>
<blockquote type="cite" cite="mid:CEEEJMPKAGAEEBLAKIGHGEJHCCAA.Matthew_doherty@datawatch.com">
<meta content="MSHTML 5.50.4916.2300" name="GENERATOR">
<div><span class="078102520-26072002"><font face="Arial" color="#0000ff" size="2">
hint: <font face="Times New Roman" color="#000000" size="4">filename.rules.conf</font></font></span></div>
<div> </div>
<p><font size="2">Matt Doherty<br>
IT Dept<br>
Datawatch Corp<br>
<br>
>>In a world without walls or fences, who needs Windows and Gates?<<</font></p>
<blockquote>
<div class="OutlookMessageHeader" dir="Ltr" align="Left"><font face="Tahoma" size="2">
-----Original Message-----<br>
<b>From:</b> Miguel Koren O'Brien de Lacy [<a class="moz-txt-link-freetext" href="mailto:miguelk@KONSULTEX.COM.BR">mailto:miguelk@KONSULTEX.COM.BR</a>]<br>
<b>Sent:</b> Friday, July 26, 2002 5:15 PM<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:MAILSCANNER@JISCMAIL.AC.UK">MAILSCANNER@JISCMAIL.AC.UK</a><br>
<b>Subject:</b> Removing only Windows executables<br>
<br>
</font></div>
Excuse my ignorance in this. I have mail scanner running perfectly for
<br>
about 10 months now (did not upgrade yet) and since there were no <br>
problems with it (set and forget), I have gotten "rusty" in my mail <br>
scanner skills. I have a situation in a network where it is desired to
<br>
scan all mails but to completely block Windows executable files. Don't
<br>
even need to scan them, just to remove them. Management has decided that
<br>
no one should receive executables The important fact here is that this
<br>
is valid even if they are zipped or renamed. I'm not talking about a <br>
batch file but just EXE or COM for example. I would need to determine
<br>
from the file header if it is an executable Windows binary or not. Is
<br>
this possible with mail scanner in the current version? If not does <br>
anyone have a suggestion? <br>
<br>
Thanks. <br>
<br>
Miguel <br>
<br>
</blockquote>
</blockquote>
<br>
</body>
</html>