Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Why the attachment being blocked?

Posted on 2011-03-03
7
Medium Priority
?
988 Views
Last Modified: 2012-05-11
This is using MailScanner on CentOs. There is an external party tried to send us, and in return, mail being bounced back with the error messages as follows:

This is a message from the MailScanner E-Mail Virus Protection Service
----------------------------------------------------------------------
The original e-mail attachment "%112233aaccbb.htm"
is on the list of unacceptable attachments for this site and has been
replaced by this warning message.

If you wish to receive a copy of the original attachment, please
e-mail helpdesk and include the whole of this message
in your request. Alternatively, you can call them, with
the contents of this message to hand when you call.

At Thu Mar  3 22:56:39 2011 the virus scanner said:
   MailScanner: Filename trying to hide its real type (%aabbcc1122.htm)

Note to Help Desk: Look on the abc networks (smtp.abc.com) MailScanner in /var/spool/MailScanner/quarantine/20110303 (message p23EuYdx006926).
--
Postmaster
abc networks

What's wrong with the attachment? How to solve the problem?

0
Comment
Question by:Balack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 16

Expert Comment

by:santoshmotwani
ID: 35033002
can you please paste output of

/etc/MailScanner/filename.rules.conf
/etc/MailScanner/filename.allow.all.conf
0
 

Author Comment

by:Balack
ID: 35033624
Hi santoshmotwani,

Filename.allow.all.conf:

   # This ruleset will allow all attached files to pass
   allow      .*      -      -

For filename.rules.conf, see the attached

 
filename.rules.conf.txt
0
 
LVL 12

Accepted Solution

by:
mccracky earned 1500 total points
ID: 35037004
At a quick glance it seems that it is hitting the CLSID rule:

# Deny filenames containing CLSID's
deny      \{[a-hA-H0-9-]{25,}\}      Filename trying to hide its real type. Files containing  CLSID's are trying to hide their real type

Examples:
A977FF0C-8757-4E76-8533-482F91946233
000209FF-0000-0000-C000-000000000046

Can the file be renamed and sent?
0
Understanding Linux Permissions

Linux for beginners: How to view the permissions associated with files and directories and also how you can change them.

 

Author Comment

by:Balack
ID: 35038277
yes, it can.
0
 

Author Comment

by:Balack
ID: 35038283
It is normally *.htm file.
0
 
LVL 12

Expert Comment

by:mccracky
ID: 35039471
I don't think it's the .htm part, but the first part that is just 112233aabbcc, but not sure.  
0
 

Author Closing Comment

by:Balack
ID: 35078175
good
0

Featured Post

Linux Academy Android App Now Supports Chromecast

We have some fantastic news for our Android fans. We’re so excited to announce that the Linux Academy Android app is now available with Chromecast support. That’s right – simply download the latest update of the Linux Academy App and start casting your favorite course videos!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question