filtering file types vs. extensions -- New 4.22-3

David dh at UPTIME.AT
Mon Jun 23 15:31:33 IST 2003

> What I would really like is suggestions of what should go in the
> filetype.rules.conf file. Currently it is minimal (to put it mildly). 
> By
> default it allows files that don't match any rule, just like the
> filename.rules.conf file.
> What other rules should I add to it?
Personally I see this as a second layer check. If an attachment comes 
in which is clearly blocked by the extension (no matter if the conten 
type matches or file says it is something different), dump it. Only if 
it passes the extension test run the file test on it.

Per defualt I would drop anything which is something different to what 
the extension would suggest that it is. For example.

if it comes in as .doc and .doc is allowed through, but file says this 
.doc is of type MP3. Then drop that by default.
At least that is how I would handle it.

Maybe also scan based on domain or fromTo and so on...


-- nee amata wo mitsukete soshite midoto wasrezu
    domma mi mumega itakutemo soba mi iru mo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url :

More information about the MailScanner mailing list