I found this in the log for level 2.. DOC? Where is it picking up doc??
Apr-17-09 08:02:42 id-69761-14968 72.14.252.154 <m.kenne...@dslextreme.com> to: pbry...@fredco-md.net info: attachment 'LETTER FROM MAYO KENNEDY.doc' found for Level-1 After seeing this entry I decided to try setting everyone to level 4 and completely clearing the level4 field so every attachment should be blocked.. Zip came in just fine.. Ughhhhh.. Paul K. Dickson Systems Administrator Frederick County Government, IIT pdick...@fredco-md.net 301-600-2399/x12399 From: "Paul K. Dickson" <pdick...@fredco-md.net> Date: Fri, 17 Apr 2009 07:58:01 -0400 To: For Users of ASSP <assp-u...@lists.sourceforge.net> Conversation: Attachment blocking not working at all. Subject: Attachment blocking not working at all. At least for zip files. I¹ve tried the following strings on both level 1 and level 2, setting all to use the level I was testing with. Blocking IS set. Verbose logging of attachments is set. zip|ad[ep]|asx|ba[st]|chm|cmd|com|cpl|crt|dbx|exe|hlp|ht[ab]|in[fs]|isp|js|j se|lnk|md[abez]|mht|ms[cipt]|nch|pcd|pif|prf|reg|sc[frt]|sh[bs]|vb|vb[es]|wm s|ws[cfh] ad[ep]|asx|ba[st]|chm|cmd|com|cpl|crt|dbx|exe|hlp|ht[ab]|in[fs]|isp|js|jse|l nk|md[abez]|mht|ms[cipt]|nch|pcd|pif|prf|reg|sc[frt]|sh[bs]|vb|vb[es]|wms|ws [cfh]|.zip ad[ep]|asx|ba[st]|chm|cmd|com|cpl|crt|dbx|exe|hlp|ht[ab]|in[fs]|isp|js|jse|l nk|md[abez]|mht|ms[cipt]|nch|pcd|pif|prf|reg|sc[frt]|sh[bs]|vb|vb[es]|wms|ws [cfh]|zip (ad[ep]|asx|ba[st]|chm|cmd|com|cpl|crt|dbx|exe|hlp|ht[ab]|in[fs]|isp|js|jse| lnk|md[abez]|mht|ms[cipt]|nch|pcd|pif|prf|reg|sc[frt]|sh[bs]|vb|vb[es]|wms|w s[cfh]|zip) I send mail from a junk email hotmail account w/ a zip and nothing is found: Apr-17-09 07:42:45 id-68552-29923 65.55.34.148 <cocaclas...@hotmail.com> to: pdick...@fredco-md.net Bayesian Check - Prob: 0.00000 => ham Apr-17-09 07:42:45 id-68552-29923 [MessageOK] 65.55.34.148 <cocaclas...@hotmail.com> to: pdick...@fredco-md.net MESSAGE OK Apr-17-09 07:43:52 id-68619-11960 65.55.34.142 <cocaclas...@hotmail.com> to: pdick...@fredco-md.net Bayesian Check - Prob: 0.00000 => ham Apr-17-09 07:43:52 id-68619-11960 [MessageOK] 65.55.34.142 <cocaclas...@hotmail.com> to: pdick...@fredco-md.net MESSAGE OK Apr-17-09 07:44:46 id-68673-25495 65.55.34.157 <cocaclas...@hotmail.com> to: pdick...@fredco-md.net Bayesian Check - Prob: 0.00000 => ham Apr-17-09 07:44:46 id-68673-25495 [MessageOK] 65.55.34.157 <cocaclas...@hotmail.com> to: pdick...@fredco-md.net MESSAGE OK Apr-17-09 07:45:57 id-68744-03970 65.55.34.153 <cocaclas...@hotmail.com> to: pdick...@fredco-md.net Bayesian Check - Prob: 0.00000 => ham Apr-17-09 07:45:57 id-68744-03970 [MessageOK] 65.55.34.153 <cocaclas...@hotmail.com> to: pdick...@fredco-md.net MESSAGE OK Apr-17-09 07:48:05 id-68871-25535 65.55.34.146 <cocaclas...@hotmail.com> to: pdick...@fredco-md.net Bayesian Check - Prob: 0.00000 => ham Apr-17-09 07:48:05 id-68871-25535 [MessageOK] 65.55.34.146 <cocaclas...@hotmail.com> to: pdick...@fredco-md.net MESSAGE OK All the test mails w/ zips came into my mailbox w/ zips attached. I¹m running 1.4.3.1 as a script from the console. Anyone have any ideas? It¹s a bit disturbing because virus¹s in zips are coming in. Paul K. Dickson Systems Administrator Frederick County Government, IIT pdick...@fredco-md.net 301-600-2399/x12399 ------ End of Forwarded Message ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
