This zip file passes the .exe banning why?
Alessandro Briosi
ab1 at metalit.com
Mon Apr 11 16:38:15 CEST 2016
Hi,
Il 11/04/2016 15:39, Thomas Jarosch ha scritto:
> two things you could try:
>
> 1. Test if .exe detection in .zip files works generally.
> Just grab any .exe file, zip it and send it through the filter.
>
> Is that properly banned?
Yes, the others are correctly blocked.
>
> 2. If so, it's probably some whitelist issue. Please inspect the amavisd log
> output about the detected MIME type.
> I've posted about a similar whitelist issue here:
> https://lists.amavis.org/pipermail/amavis-users/2016-March/004125.html
>
This is what is detected:
Apr 11 14:36:28 mail amavis[31751]: (31751-01) p003 1 Content-Type:
multipart/mixed
Apr 11 14:36:28 mail amavis[31751]: (31751-01) p001 1/1 Content-Type:
text/plain, size: 564 B, name:
Apr 11 14:36:28 mail amavis[31751]: (31751-01) p002 1/2 Content-Type:
application/zip, size: 59784 B, name: documento_
fatturaaccompagnatoria_.pdf.zip
which seems pretty correct to me
No white listing I can guess of.
If I unzip the file and rezip it, then send an identical mail the file
is blocked.
Alessandro
More information about the amavis-users
mailing list