psimation asked:

MailScanner: allowing winmail.dat and .js files

Hi
Can someone tell me where to set MailScanner to allow winmail.dat and xxx.js attachments?

winmail.dat is the Outlook rich text format attachment, yet my MailScanner blocks it and says it contains a virus (which it does not). It also blocks .js files, even in .zip archives.
Thanks
owensleftfoot

Edit /etc/MailScanner/filetype.rules.conf.

ASKER

Hi Owen,
I've looked in all those files (inside /etc/MailScanner), but there is no explicit mention of .dat or .js (i.e., it does not say deny nor allow for either).
Does this mean that if a file is not mentioned in there that it is by default accepted to be in a state of "deny"?
No, those are blocked for other reasons, right? Could you quote the MailScanner report for both types here?
(BTW foot, default is to look at both file type and name, so one would need to look at both files... Probably not the problem here:).

Reasons that come to mind are "Allow Script Tags = no", "Allow Form Tags = no" etc in /etc/MailScanner/MailScanner.conf ... Or something completely different:-). We'll know better when we've seen some reports.

-- Glenn
This is a message from the MailScanner E-Mail Virus Protection Service
----------------------------------------------------------------------
The original e-mail attachment "winmail.dat"
was believed to be infected by a virus and has been replaced by this warning
message.


###################################################################

This is a message from the MailScanner E-Mail Virus Protection Service
----------------------------------------------------------------------
The original e-mail attachment "xxxxx.zip"
is on the list of unacceptable attachments for this site and has been
replaced by this warning message.

Due to limitations placed on us by the Regulation of Investigatory Powers
Act 2000, we were unable to keep a copy of the original attachment.

At Thu Sep  2 13:23:57 2004 the virus scanner said:
   MailScanner: JScript Scripts are dangerous in email (xxxxxxx.js)

####################################################################

Those are the 2 reports, 1st for the winmail.dat, and 2nd for the .zip file containing the .js file.

I've looked in all my .conf files related to MailScanner, SpamAssassin and clamav, and nowhere are there explicit "deny" rules set for either .zip, .js or .dat files.

Thanks for the help.
The winmail.dat rejection is due to the "Deliver  Unparsable TNEF  = no"  setting in MailScanner.conf file. Still looking for the zip one.  Have you double checked the config files? :)
ASKER CERTIFIED SOLUTION
owensleftfoot

Yep, foot is probably right about the TNEF thing, but alas not for the JScript rejection. Note that it _is_ mailscanner who's rejecting it there, so ... How about those settings for Scripts etc in MailScanner.conf... Could we see them? Oh BTW, which version of MS is it?

-- Glenn
"Oh, see me being both slow and wrong":-)

-- Glenn
Hi Gns
No, you may be slow, but you are not necessarily wrong. The .js part is not yet confirmed to work, but the TNEF thingy was definitely the solution to the winmail.dat problem. The .js is of lesser importance to me, but I will explore and report back.
How the _blazes_ does it match .... Ooow. Why is it impossible to maintain a complete understanding of perlres? Probably because they're incredibly obtuse sometimes:-):-).
If you like to see it in action do:
# perl
$_="xxx.js";
/\.jse?$/ && print "Hoppla\n";
$_="xxx.jse";
/\.jse?$/ && print "Hoppla2\n";
$_="xxx.jser";
/\.jse?$/ && print "Hoppla3\n";
__END__
Hoppla
Hoppla2
#

Sigh, make me feel decrepit...

-- Glenn
... And the pod reference (or man perlre, for those interested... I'll just copy this one line):
           ?      Match 1 or 0 times
so in the "\.jse?$" we actually have the equivalent of "\.js$|\.jse$"...

And Yes, It makes me feel slow'n'stoopid, since I should know this. By heart:-)

-- Glenn
"And Yes, It makes me feel slow'n'stoopid, since I should know this. By heart:-)"

I wouldn't worry about it mate. I should have spotted it too. But it was the only reference to jscript in the config file, therefore it was worth a go commenting it out. I didn't think the re matched either :)
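
A way to check which attachment names the "\.jse?$" rule discussed above covers, and which names change verdict once the rule is commented out, as an added example that is not part of the original thread or MailScanner's own code. The tab-separated rule layout, first-match-wins evaluation, allow-by-default, case-insensitive matching, the log text and the sample names are assumptions or constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Rule line in the assumed layout: action<TAB>regex<TAB>log text<TAB>report text.
# The regex and report text come from the thread; the log text is constructed.
my $JS_RULE = "deny\t\\.jse?\$\tJScript attachment\t"
            . "JScript Scripts are dangerous in email";

# Parse rule lines into hashes, skipping blank lines and '#' comments.
sub parse_rules {
    my @rules;
    for my $line (@_) {
        next if $line =~ /^\s*(?:#|$)/;
        my ($action, $re, $log, $report) = split /\t+/, $line;
        # Case-insensitive matching is an assumption of this sketch.
        push @rules, { action => lc $action, re => qr/$re/i, report => $report };
    }
    return @rules;
}

# Verdict of the first rule that matches the name; no match means allow
# (assumed default for this sketch).
sub verdict {
    my ($name, @rules) = @_;
    for my $r (@rules) {
        return $r->{action} if $name =~ $r->{re};
    }
    return 'allow';
}

my @active    = parse_rules($JS_RULE);          # rule in force
my @commented = parse_rules('#' . $JS_RULE);    # rule commented out

# Constructed attachment names.
for my $name (qw(xxx.js xxx.jse XXX.JS xxx.jser notes.json winmail.dat)) {
    my ($before, $after) = (verdict($name, @active), verdict($name, @commented));
    my $note = $before eq $after ? '' : '  <- no longer blocked';
    printf "%-12s %-5s -> %-5s%s\n", $name, $before, $after, $note;
}
```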