Allow multiple filename extensions?

Antony Stone Antony at SOFT-SOLUTIONS.CO.UK
Fri Jul 11 15:38:34 IST 2003


On Friday 11 July 2003 3:33 pm, Mike Dunderdale wrote:

> The reason that the double extensions are disallowed is because it's a
> known method of trying to fool users, in particular Outlook Express, into
> running programs. Certain windows programs only show the first of the two
> extensions, thus  fooling the user into thinking that they're opening one
> sort of file (eg a document .doc) instead of opening a nasty script (.vbs)

Oh, I understand the reason for the rule, yes, but my point is that it's only
the *final* extension (which may be hidden from the end user, but gets
examined by MailScanner) which determines whether it really is dangerous or
not.

Eg: an attachment document.doc.scr should get blocked because it ends in
.scr, agreed, but an attachment forecast.aug.xls should not be blocked,
because there's nothing wrong with .xls files.

In either case there's no need to examine more than the final extension.

Regards,

Antony.
--

Abandon hope, all ye who enter here.
You'll feel much better about things once you do.



More information about the MailScanner mailing list