[exim] content scanning: Problem with particular file?

Top Page
Delete this message
Reply to this message
Author: Herb Martin
Date:  
To: exim-users
Subject: [exim] content scanning: Problem with particular file?
Would someone with Exim 4.50+ content scanning
please test the file MgifExe.txt linked below:

    http://www.LearnQuick.Com/mgifexe.txt


CAVEAT:

[ The file contains a mime encoded VIRUS!]

Do you see all parts?

Content-Type: multipart/related
Content-Type: text/plain
Content-Type: text/html
Content-Type: image/gif
Content-Type: image/gif
Content-Type: application/x-msdownload; name="q993611.exe"

I am new to mime scanning but I suspect this file is either
invalid multipart mime OR riding on the edge of what is
technically valid.

I am particularly interested to know if the $mime_xxxxx
variables are being set properly:

warn log_message = DEBUG: [$mime_part_count] -> [$mime_filename]
[$mime_content_type]

Mime filename is not being set in my version (Cygwin) and
I wish to determine if this is a Cygwin or general problem
with this file.

This warn is from within the MIME ACL check is not show
values for ALL variables (filename, size, decoded name) but is
showing others (id, type, encoding):

warn log_message = DEBUG: \
Count:[$mime_part_count] Name:[$mime_filename] Type:[$mime_content_type]
\
Desc:[$mime_content_description] Disp:[$mime_content_disposition]
ID:[$mime_content_id] \
Size:[$mime_content_size] XEnc:[$mime_content_transfer_encoding]
Type:[$mime_content_type] \
DecodedName:[$mime_decoded_filename] CoverLetter:[$mime_is_coverletter]
`
--
Herb Martin