From one sender I constantly get:
Filename Checks: Found possible filename hiding (65C986009E.AA458 email.foot.png)
and the mail is marked as Bad Content.
Is there anything I can do about this without compromising the system for other "bad Content" emails?
Found possible filename hiding
Re: Found possible filename hiding
This is one item up for discussion.
The thing is that the system trips because of the multiple dots in the filename.
The setting for this is defined in /etc/MailScanner/filename.rules.conf
The item is meant to block items like file.png.ps1 or file.png.vbs etc..
Now there are already a bunch of rules in place that blocks .exe .com etc so you could say that it is save to disable the default deny rule (last line below # Deny all other double file extensions. This catches any hidden filenames.)
I have been thinking of disabling this by default as it gives way more headaches than that it actually saves you from getting a virus.
However it is a security issue.
Users input on this is always welcome
The thing is that the system trips because of the multiple dots in the filename.
The setting for this is defined in /etc/MailScanner/filename.rules.conf
The item is meant to block items like file.png.ps1 or file.png.vbs etc..
Now there are already a bunch of rules in place that blocks .exe .com etc so you could say that it is save to disable the default deny rule (last line below # Deny all other double file extensions. This catches any hidden filenames.)
I have been thinking of disabling this by default as it gives way more headaches than that it actually saves you from getting a virus.
However it is a security issue.
Users input on this is always welcome
Version eFa 4.x now available!