whitelisting google appointments
Maurizio Marini
maumar at datalogica.com
Thu Apr 28 13:52:03 CEST 2011
Hi there
scenario: debian squeeze fully updated
I would white-list following:
<code>
No viruses were found.
Banned name: text/calendar,.dat,pdmuf0a0dvv9l34 at google.com
Content type: Banned
Internal reference code for the message is 19805-05/h0hK2I4XV5xP
[..snip..]
Content-Type: text/calendar; charset=utf-8; method=REPLY;
name="pdmusncgf0a0dvv9l34 at google.com"
Content-Disposition: attachment;
filename="pdmusncgf0a0dvv9l34 at google.com"
</code>
i suppose that it is banned as the filename is:
pdmuagf0a0dvv9l34 at google.com
ending with .com
20-debian_defaults
# block certain double extensions anywhere in the base name
qr'\.[^./]*\.(vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
this is a false positive, as you can imagine
what can be done to mitigate this effect?
best regards
-- maurizio
More information about the amavis-users
mailing list