By default MailScanner does not allow double extensions in attachment file names, e.g. presentation.exe.pdf and I don’t want to point fingers but Microsoft Exchange has a vulnerability where files with long names that have multiple dots in the name can be executed as the first extension, for example if the file is presentation.exe.pdf – when run it will be treated as an executable even if it’s most likely a PDF file.
So when you are sending an email in cPanel with a file that has this pattern in it’s name: dot 2or3 characters/numbers dot 2or3 characters/numbers – that email is going to be hold by MailScanner:
![attempt to hide real filename extension MailScanner attempt to hide real filename extension MailScanner](https://i0.wp.com/pcx3.com/wp-content/uploads/2021/06/hide.png?resize=736%2C432&ssl=1)
To solve this, MailScanner denies both these “double extensions” and files with long names, using a predefined set of rules inside the filename.rules.conf file.
The biggest misinterpretation that I’ve encouncered with cpanel users is that they think that dots are forbidden in file names for attachemnts, but that is not the case.
As mentioned above, the following pattern is denied:
![not allowed in mailscanner not allowed in mailscanner](https://i0.wp.com/pcx3.com/wp-content/uploads/2021/06/not-allowed.png?resize=736%2C235&ssl=1)
But the following is allowed:
![allowed file name pattern for attachments allowed file name pattern for attachments](https://i0.wp.com/pcx3.com/wp-content/uploads/2021/06/allowed.png?resize=736%2C266&ssl=1)
Allowed three letters are also:
- days of the week: MON TUE WED THU FRI SAT SUN
- months: Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
![another allowed file name pattern for attachments another allowed file name pattern for attachments](https://i0.wp.com/pcx3.com/wp-content/uploads/2021/06/also-allowed.png?resize=736%2C267&ssl=1)
To stop MailScanner from blocking files with this pattern and get rid of the “attempt to hide real filename extension” message, simply edit the following file: /usr/mailscanner/etc/filename.rules.conf
![/usr/mailscanner/etc/ /usr/mailscanner/etc/](https://i0.wp.com/pcx3.com/wp-content/uploads/2021/06/MobaXterm_Personal_20.3_C6zz1GZZiA.png?resize=421%2C234&ssl=1)
Scroll down to the bottom of the file, and remove the highlighted rule:
![filename.rules.conf filename.rules.conf](https://i0.wp.com/pcx3.com/wp-content/uploads/2021/06/MobaRTE_Cr2JJEz1kn.png?resize=736%2C231&ssl=1)
Save the file and restart MailScanner for the changes to take effect.
/etc/rc.d/init.d/mailscanner restart