Filetype scanning rules?

Antony Stone Antony at SOFT-SOLUTIONS.CO.UK
Mon Jun 30 18:30:40 IST 2003


On Monday 30 June 2003 6:22 pm, Julian Field wrote:

> Currently, the only rule in the new filetype.rules.conf file bans
> executables. Has anyone got any good ideas for extra rules to allow or deny
> other types of files?

I think a fair number of people might be interested in banning filetypes such
as mp3 mpg avi...

Also it would be useful to be able to allow genuine zip files (and ignore
files which simply have the .zip extension) because of the viruses which
currently try to slip through file scanning systems by pretending to be zips.

> Should I enable this filetype checking by default?
>
> Your thoughts, votes and comments please.

My thoughts are, yes, enable it by default; block executables and allow
genuine zips, then people can add their own additional preferences.

I wonder if it's possible to come up with an intelligent way of combining the
extension check with the filetype check, so a file gets blocked if the
extension doesn't match the contents?

Regards,

Antony.

--

The difference between theory and practice is that
in theory there is no difference, whereas in practice there is.



More information about the MailScanner mailing list