Hi there scenario: debian squeeze fully updated
I would white-list following: <code> No viruses were found. Banned name: text/calendar,.dat,[email protected] Content type: Banned Internal reference code for the message is 19805-05/h0hK2I4XV5xP [..snip..] Content-Type: text/calendar; charset=utf-8; method=REPLY; name="[email protected]" Content-Disposition: attachment; filename="[email protected]" </code> i suppose that it is banned as the filename is: [email protected] ending with .com 20-debian_defaults # block certain double extensions anywhere in the base name qr'\.[^./]*\.(vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i, this is a false positive, as you can imagine what can be done to mitigate this effect? best regards -- maurizio
