Hello all.
We're having a bit of a problem with the filtering rule for double extensions (eg. .pdf.exe).
The rule is a bit too strict. Let me elaborate on this.
Our company name is 'Company.net'.
Quite often we get attachments -usually PDF- which are auto-generated as companyname.pdf, thus resulting in company.net.pdf
I guess you can see the problem there.
Is it possible to create an exception on the rule? As it is now it seems to be a blanket ban on anything that vaguely looks like a double extension.
Edit1: added fixed tag
Edit2: meta tags:
Bad Content
Blocked File: Y
Report: MailScanner: Attempt to hide real filename extension ( .net.pdf)
[fixed]Double extension filtering exception
[fixed]Double extension filtering exception
Last edited by BOOZy on 08 Nov 2017 08:41, edited 2 times in total.
Re: Double extension filtering exception
edit /etc/MailScanner/filename.rules.conf
search for "double file extensions" and comment out the rule below it. This rule is the generic rule.
alternatively, you can add a rule specifically to allow certain double extensions in while denying the rest
e.g.
I don't know if you need to restart the mailscanner service afterwards, but it cannot hurt.
search for "double file extensions" and comment out the rule below it. This rule is the generic rule.
alternatively, you can add a rule specifically to allow certain double extensions in while denying the rest
e.g.
Code: Select all
allow \.pdf\.exe
Re: Double extension filtering exception
Thanks!
I had to tweak it a bit but eventually I got it to work.
I had to tweak it a bit but eventually I got it to work.
Code: Select all
allow .\net\.pdf - -