There is a minor bug in the double-barreled extension checks that showed
up between 1.23 and 1.24. I had added an exclusion check and it actually
broke the check completely

It means that people sending attachments like "filename.doc.doc" are
getting blocked, when they should have been let through. Even though it
is a double-barreled extension - it's one that cannot change the way the
end-user interacts with it (i.e. the user will think it's a Word
document instead of a... Word document) - so it should be ignored.


If you want to fix it, change

if (!$quarantine_event && ($file =~
/(^.*)\.($VALID_WINDOWS_EXTENSIONS)\s*\.($SNEAKY_WINDOWS_EXTENSIONS)$/i)
&& $file !~ /((\.[a-z0-9]{3})\1|\.pp.\.pp.)$/i) {

to

if (!$quarantine_event && ($file =~
/(^.*)\.($VALID_WINDOWS_EXTENSIONS)\s*\.($SNEAKY_WINDOWS_EXTENSIONS)$/i)
&& $file !~ /(\.[a-z0-9]{3})\1|\.pp.\.pp.$/i) {

i.e. there's an extra set of brackets in there that aren't actually needed.

A simple patch against Q-S 1.24 is included to make life easier. Run as
"patch < qs-1.24-double-barreled.patch", and then rebuild Qmail-Scanner
as normal via "./configure..."

[Obviously this will be fixed in the next release. However, I have plans
for a Jan release, and this isn't worth the title of  1.25 :-)]

--
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1