Allow multiple filename extensions?
Tony Finch
dot at DOTAT.AT
Fri Jul 11 15:32:56 IST 2003
Tom Combs <combs at MAGNET.FSU.EDU> wrote:
>
> I'm not clear on the need for denying multiple filename extensions.
> It seems if an attachment contained a virus, it would be checked by
> the virus scanner and either caught or cleared regardless of the
> extension. Does having multiply filename extensions somehow
> circumvent this process?
It's aimed more at social engineering attacks, or as a backup protection
strategy for the time between a virus getting out and the scanner database
being updated.
The problem is that Windows often hides a file's extension which means
names like info.txt.exe might fool users.
To reduce the number of false positives I've added more known-safe file
extensions fo the list, e.g. .doc, .pdf, etc.
Tony.
--
f.a.n.finch <dot at dotat.at> http://dotat.at/
FISHER: WEST VEERING NORTHWEST 4 OR 5, INCREASING 6. SHOWERS. GOOD.
More information about the MailScanner
mailing list