filtering file types vs. extensions
Francesco Rotondo
f.rotondo at TESEO.IT
Fri Jun 6 18:31:36 IST 2003
>
> What would you like to be able to do?
> 1. Block specific file types (you would have to specify the "file" output
> strings you are looking for.
> 2. Block file types that don't match their extensions (this could only be
> done for a known subset of "file" outputs).
> 3. Add a "file" output specifier to each rule in filename.rules.conf, so
> that the rule matches if either the filename matches or the file type
matches.
> 4. Any more ideas?
>
> Your votes please....
3 looks good but IMHO it could be useful to stop windows executables that
doesn't have an extension as in the case of new viruses these seems to be
the only viruses that got through MS.
Francesco
More information about the MailScanner
mailing list