<html dir="ltr"><head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta content="MSHTML 6.00.2800.1605" name="GENERATOR">
<style title="owaParaStyle">P {
MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px
}
</style>
</head>
<body ocsi="x">
<div dir="ltr"><font face="Tahoma" color="#000000" size="2">We have someone sending word documents through our MailScanner and although the documents were written on office 2007 they assure me that the files were saved in 97-2003 format and from investigation
it does look like the file in the email had a .doc extension as opposed to a .docx. </font><font face="tahoma" size="2">However, it seems like mailscanner seems to think its an archive still and is finding 2 .rel files for each doc file attached to an email.
What is the best way round this?</font></div>
<div dir="ltr"><font face="tahoma" size="2"></font> </div>
<div dir="ltr"><font face="tahoma" size="2">I'm trying to decide between changing Maximum Archive Depth to 0 or adding a rule(s) to the filetypes file to allow these .rel files. If the Archive depth is 0 then I assume the files are still scanned for viruses
as long as the virus scanner has access to the compression libraries at compile time (thinking more of clamav there). Are there any other problems with setting this value to 0?</font></div>
<div dir="ltr"><font face="tahoma" size="2"></font> </div>
<div dir="ltr"><font face="tahoma" size="2">Below are the reports from MailScanner for 2 emails. The first contained one word doc and the second contained 2.</font></div>
<div dir="ltr"><font face="tahoma" size="2"></font> </div>
<div dir="ltr"><font face="tahoma" size="2">Jason</font></div>
<div dir="ltr"><font face="tahoma" size="2"></font> </div>
<div dir="ltr"><font face="tahoma" size="2"></font> </div>
<div dir="ltr"><font face="tahoma" size="2"></font> </div>
<div dir="ltr"><font face="tahoma" size="2"></font> </div>
<div><font face="Tahoma" size="2">
<p class="MsoNormal"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 'Arial','sans-serif'">The virus detector said this about the message:<br>
Report: Report: MailScanner: Attempt to hide real filename extension<br>
(themeManager.x10.rel)<br>
Report: MailScanner: Attempt to hide real filename extension<br>
(themeManager.x11.rel)<br>
</span></p>
<p class="MsoNormal"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 'Arial','sans-serif'"><font face="arial">----------------------------------</font></span></p>
<p class="MsoNormal"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 'Arial','sans-serif'"><font face="arial"></font></span> </p>
<p class="MsoNormal"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 'Arial','sans-serif'">The virus detector said this about the message:<br>
Report: Report: MailScanner: Attempt to hide real filename extension<br>
(themeManager.x10.rel)<br>
Report: MailScanner: Attempt to hide real filename extension<br>
(themeManager.x13.rel)<br>
Report: MailScanner: Attempt to hide real filename extension<br>
(themeManager.x11.rel)<br>
Report: MailScanner: Attempt to hide real filename extension<br>
(themeManager.x12.rel)<br>
</p>
</span></font></div>
</body>
</html>