You are correct (surprise, suprise) but now I'm confused. Is the "na me=" (again without the space, I still have the rules in place) really required for the rule? After all, it's the attachment file extenstion that we're really filter on.
Actually, the "na me=" helps prevent false positives. By removing it, you're just looking for the "*.c om", which is very likely to appear in the HTML E-mails.
One option would be to change the "na me=" to "filena me=" (again, removing the space). That won't catch *all* MIME attachments, but will catch most of them, while rarely catching the HTML E-mail.
We'll buy Declude AV just as soon as we can afford it so I'm only trying to apply a bandaid in the mean time. I thought I had a decent bandaid going until you brought this up.
If you get to the point where you know you can afford it 30 days later, let me know, and I can get you a free 30-day evaluation version. :)
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you have been missing: Ask for a free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
