Executables within docx files?
Alexander Wirt via amavis-users
amavis-users at amavis.org
Thu Sep 5 08:43:22 CEST 2013
On Wed, 04 Sep 2013, Alex via amavis-users wrote:
> Hi,
>
> >> $ file \[trash\]/0001.dat
> >> [trash]/0001.dat: DOS executable (block device driver)
> >>
> >> Is this normal for a docx file? I'm sure the original sender had no
> >> idea this file contained a device driver. Is there something the
> >> sender needs to do to avoid this in the future?
> >>
> >> Is there some way to avoid this problem from happening again with
> >> other docx files?
> > See http://bugs.gw.com/view.php?id=277
>
> What is this gw.com site? Shouldn't a bug report be filed with the
> 'file' people or the amavisd people?
>
> Does anyone know if my suggestion to modify the $banned_filename_re
> will work? Mark? :-)
>
> $banned_filename_re = new_RE(
>
> [ qr'^\[trash\]/0001\.dat$' => 0 ],
It won't work. Let me cite from the ECMA spec here:
Trash items represent parts that have been discarded or are no longer in
use. Trash items shall not conform to OPC part naming guidelines as
defined in Part 2 and shall not be associated with a content type. All
trash items shall follow the naming scheme: [trash]/hhhh.dat where h
represents a hexadecimal value.
so something like: ^\[trash\]/[0-9a-f]{4}\.dat$ should work better.
Alex
More information about the amavis-users
mailing list