Hi
I have the following lines in a config file 'filename.rules.conf'
# Custom allow filenames
allow \.xls.xlsx$ - -
allow \.xlsx.xls$ - -
allow \.LAD.PDF$ - -
allow \.lad.pdf$ - -
allow \.[a-z0-9]{3}.doc$ - -
allow \.[a-z0-9]{3}.docx$ - -
allow \.doc$ - -
allow \.docx$ - -
allow \.xls$ - -
allow \.xlsx$ - -
allow \.ddoc$ - -
allow \*.doc$ - -
allow \*.docx$ - -
allow \*.xls$ - -
allow \*.xlsx$ - -
allow \*.ddoc$ - -
allow \.[a-z0-9]{2,3}.ddoc$ - -
allow \.[a-z0-9]{2,3}.zip$ - -
allow \.[a-z0-9]{2,3}.pdf$ - -
allow \.[a-z0-9]{2,3}.doc$ - -
allow \.[a-z0-9]{2,3}.docx$ - -
allow \.[a-z0-9]{2,3}.xls$ - -
allow \.[a-z0-9]{2,3}.xlsx$ - -
# Deny all other double file extensions. This catches any hidden filenames.
deny \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$ Found possible filename hiding Attempt to hide real filename extension
But the message with attachment 38LIISINGULEPINGUnr20140870lõp.akt.doc is still being blocked. How to allow any name with any number of any extensions that ends with doc, docx, pdf and also another extensions I will list?
Mailscanned double filenames
Re: Mailscanned double filenames
There is even more strange problem, the message I see in the EFA interface is
MailScanner: Attempt to hide real filename extension (3201612001Koidulavõrguremont.akt.doc) ,MailScanner: Attempt to hide real filename extension (3201612001Koidulavõrguremont.akt.doc)
But the real filename was 3201612001Koidulavõrguremont.akt.bdoc (extension is BDOC, not DOC)
MailScanner: Attempt to hide real filename extension (3201612001Koidulavõrguremont.akt.doc) ,MailScanner: Attempt to hide real filename extension (3201612001Koidulavõrguremont.akt.doc)
But the real filename was 3201612001Koidulavõrguremont.akt.bdoc (extension is BDOC, not DOC)
Re: Mailscanned double filenames
I found more interesting staff. BDOC is a archive but it contains a file with name something.akt.doc and this name is being blocked.
Re: Mailscanned double filenames
I found the file "archives.filename.rules.conf" where was needed to add allow lines. Resolved.