ConfigServer Services
Server Management Services from Way to The Web Ltd

MailScanner is blocking legitimate file attachments because of their name.

  Print
This often happens because the file has a double file extension, such as file.com.pdf or filename.xml.doc. In MailWatch or the notification that is sent to the sender you will see this reason given:

Attempt to hide real filename extension (file.pdf.dat)

(See this article for help on how to determine why MailScanner is blocking an attachment: https://support.configserver.com/knowledgebase/art...)

You should be aware that senders of viruses may use this to try to conceal the actual filetype so that dangerous attachments get through a mail filtering system.

If you want to configure MailScanner to stop blocking any files with this issue for all domains on the server, then do the following:

1. Login to ssh and edit the file /usr/mailscanner/etc/filename.rules.conf. Find the line that blocks double file extensions. It will look something like this:

deny  \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$   Found possible filename hiding    Attempt to hide real filename extension

2. Change the "deny" to allow", save the file, and restart MailScanner.

On the other hand, if you want to configure MailScanner to continue blocking most files with double extensions but allow certain ones, see this article:
https://support.configserver.com/knowledgebase/art...

Finally, if you want to allow this type of attachment for only some domains on the server but not all of them, then you will need to create a rules file as well as create a new filename configuration file. See this article for guidance:
https://support.configserver.com/knowledgebase/art...







Self-Hosted Help Desk Software by SupportPal.

Login

 
Forgot password?
Register now