Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Why the attachment being blocked?

Posted on 2011-03-03
7
935 Views
Last Modified: 2012-05-11
This is using MailScanner on CentOs. There is an external party tried to send us, and in return, mail being bounced back with the error messages as follows:

This is a message from the MailScanner E-Mail Virus Protection Service
----------------------------------------------------------------------
The original e-mail attachment "%112233aaccbb.htm"
is on the list of unacceptable attachments for this site and has been
replaced by this warning message.

If you wish to receive a copy of the original attachment, please
e-mail helpdesk and include the whole of this message
in your request. Alternatively, you can call them, with
the contents of this message to hand when you call.

At Thu Mar  3 22:56:39 2011 the virus scanner said:
   MailScanner: Filename trying to hide its real type (%aabbcc1122.htm)

Note to Help Desk: Look on the abc networks (smtp.abc.com) MailScanner in /var/spool/MailScanner/quarantine/20110303 (message p23EuYdx006926).
--
Postmaster
abc networks

What's wrong with the attachment? How to solve the problem?

0
Comment
Question by:Balack
  • 4
  • 2
7 Comments
 
LVL 16

Expert Comment

by:santoshmotwani
ID: 35033002
can you please paste output of

/etc/MailScanner/filename.rules.conf
/etc/MailScanner/filename.allow.all.conf
0
 

Author Comment

by:Balack
ID: 35033624
Hi santoshmotwani,

Filename.allow.all.conf:

   # This ruleset will allow all attached files to pass
   allow      .*      -      -

For filename.rules.conf, see the attached

 
filename.rules.conf.txt
0
 
LVL 12

Accepted Solution

by:
mccracky earned 500 total points
ID: 35037004
At a quick glance it seems that it is hitting the CLSID rule:

# Deny filenames containing CLSID's
deny      \{[a-hA-H0-9-]{25,}\}      Filename trying to hide its real type. Files containing  CLSID's are trying to hide their real type

Examples:
A977FF0C-8757-4E76-8533-482F91946233
000209FF-0000-0000-C000-000000000046

Can the file be renamed and sent?
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 

Author Comment

by:Balack
ID: 35038277
yes, it can.
0
 

Author Comment

by:Balack
ID: 35038283
It is normally *.htm file.
0
 
LVL 12

Expert Comment

by:mccracky
ID: 35039471
I don't think it's the .htm part, but the first part that is just 112233aabbcc, but not sure.  
0
 

Author Closing Comment

by:Balack
ID: 35078175
good
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question