Question
I have performed the Malformed file extension vulnerability test from the GFI security website which indicates that my server is not protected. How do I protect against this type of message?
Answer
These messages can be easily stopped by blocking certain file types using the Attachment rejection options in GMS Anti-Spam.
However this will result in all files of these types being blocked, regardless of whether they are malicious.
Furthermore, blocking attachments of a certain type is far less effective than virus scanning your incoming mail using GMS Anti-Virus, since blocking against certain types may not protect you against social engineering techniques which may be employed by a virus writer.
The GFI test actually only checks that your server is vulnerable to hta files. This limited test is flawed, since passing this test may falsely lead an administrator to believe that they the server is secure. For a more complete list of potentially damaging files, please see Knowledge Base article q0398 in the “See Also” section of this article.
See Also:
- Why does #GMS# appear to fail the GFI security test I have tried?
- How do I pass the GFI “CLSID extension vulnerability test”?
- How do I pass the GFI “Fragmented message vulnerability test (for Outlook Express)”?
- How do I pass the GFI “Iframe remote vulnerability test”?
- How do I pass the GFI “MIME header vulnerability test”?
- How do I pass the GFI “VBS attachment vulnerability test”?
- How do I pass the GFI ActiveX vulnerability test?
- How do I pass GFI’s Access exploit vulnerability test?
- How do I pass the GFI “Object Codebase vulnerability test”?
- How do I pass the GFI “Eicar anti-virus software test”?
- What attachments should I block?
- How do I pass the GFI “Malformed file extension vulnerability test”?
Keywords:GFI, malformed file extension, vulnerability