I noticed a listed bug report against the debian package for the regular expression for file name matching in mimedefang. not sure if this applies to 2.39, but it appeared to apply to 2.38.
Cut and pasted from site: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=231078 -------- Thomas Baetzler <[EMAIL PROTECTED]>: Package: mimedefang Version: 2.38 filter_bad_filename() scans a potential attachment filename for a list of "undesirable" name extensions. The match is not anchored against the end of the filename, so it can get false positives if something that the test considers a "bad extension" is part of the filename. Example: Let's assume that the "com" extension is in the list of bad extensions, but that "pdf" is not. An attachment named Service.T-Online.com - Anfragebericht - 12-03.pdf is erroneously filtered because the regular expression /\.$bad_exts\.*([^-A-Za-z0-9_.,]|$)/ matches the ".com " in the attachment filename. Adding a $ as an anchor at the end of the RE forces it to check the real filename extension. Suggested patch for /etc/mail/mimedefang-filter: # Do not allow: # - CLSIDs {foobarbaz} # - bad extensions (possibly with trailing dots) at end or # followed by non-alphanum - $re = '\.' . $bad_exts . '\.*([^-A-Za-z0-9_.,]|$)'; + $re = '\.' . $bad_exts . '\.*([^-A-Za-z0-9_.,]|$)$'; return re_match($entity, $re); } -------- --Luke CS System Administrator,Montana State University Windows/Linux Security Administror College Of Engineering Checkout monit for server process recovery. _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
