Hi Alessandro, On Monday, 11. April 2016 15:18:11 Alessandro Briosi wrote: > The file you can find here [1] bypasses amavis extensions checks. > > In my configuration .exe are banned (even inside .zip files) > > Though for some reasons this .zip passes. > > I also have checks for double extensions which on normal files work > (still even within .zip files) > I also tryed renaming the file (leaving the .zip) > > This one bypasses the checks and I'm probably too dumb to find out why. > > Any help would be appreciated. > > **N.B. Obviously it's a virus so do not execute the file!!!!!!**
two things you could try: 1. Test if .exe detection in .zip files works generally. Just grab any .exe file, zip it and send it through the filter. Is that properly banned? 2. If so, it's probably some whitelist issue. Please inspect the amavisd log output about the detected MIME type. I've posted about a similar whitelist issue here: https://lists.amavis.org/pipermail/amavis-users/2016-March/004125.html Best regards, Thomas
