filtering file types vs. extensions -- New 4.22-3
David
dh at UPTIME.AT
Mon Jun 23 15:31:33 IST 2003
<snip>
> What I would really like is suggestions of what should go in the
> filetype.rules.conf file. Currently it is minimal (to put it mildly).
> By
> default it allows files that don't match any rule, just like the
> filename.rules.conf file.
> What other rules should I add to it?
>
Personally I see this as a second layer check. If an attachment comes
in which is clearly blocked by the extension (no matter if the conten
type matches or file says it is something different), dump it. Only if
it passes the extension test run the file test on it.
Per defualt I would drop anything which is something different to what
the extension would suggest that it is. For example.
if it comes in as .doc and .doc is allowed through, but file says this
.doc is of type MP3. Then drop that by default.
At least that is how I would handle it.
Maybe also scan based on domain or fromTo and so on...
-d
-- nee amata wo mitsukete soshite midoto wasrezu
domma mi mumega itakutemo soba mi iru mo
zutto...zutto...zutto
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20030623/8d5ba10d/attachment.bin
More information about the MailScanner
mailing list