Page 1 of 1

"Path to message" vs filename length issue

Posted: 28 Jan 2025 10:24
by SelfMan
We have a problem where email is blocked with "Bad content" (Blocked File: Y) because of the filename length.
While the filename itself isn't long, the "Path to message" is much longer.
i.e. "New document.doc" vs "20250128/45gtsmw4hFzqgP/New document.doc"

How is this handled?
How can I change the accepted filename length?

Thank you

Re: "Path to message" vs filename length issue

Posted: 28 Jan 2025 13:57
by Aryfir
Could it be something on /etc/MailScanner/filename.rules.conf:

Code: Select all

deny .{150,}	Very long filename, possible OE attack	Very long filenames are good signs of attacks against Microsoft e-mail packages
And change deny to allow?
systemctl restart mailscanner
BR

Re: "Path to message" vs filename length issue

Posted: 28 Jan 2025 14:19
by SelfMan
Thanks for the info.
It looks like changing the value to 240 did help. The service did not like it when I set it to 250 though.
I do still want to have control over extremely long files, so I keep it at deny for a while. We'll see how it behaves.

This will resolve my issue, but does not fix the bug with the extraction path being added to the filename before the regex test.

P.S.> Outlook Express is dead for years ;-), rest in piece

Re: "Path to message" vs filename length issue

Posted: 29 Jan 2025 09:50
by Aryfir
CMIIW,

Is it because Linux filename limit is 255 characters?

So, when you limit it with 240 then you have 15 characters left for pathname...

BR

Re: "Path to message" vs filename length issue

Posted: 29 Jan 2025 12:20
by SelfMan
IIRC File name and path length hare independent.
Most operating systems have a limit of 255 characters for the filename.
On linux, the maximum path length is defined by PATH_MAX which is in most cases set to 4096.
I am not sure why it crashes when I set the regex value to 255, but I assume the register is overflowing and 254 would work. (I haven't tested it yet).
It may also be that it adds the file extension's length to it.

Never the less 240 seems to be working for me so far.