file header analysis vs file extension

Kevin Spicer kevins at BMRB.CO.UK
Fri May 16 23:06:11 IST 2003

> You'd haveto have something actually reading parts of every attachment
>a virus scanner) to determine its "real" extension.

> I can imagine some company policies not allowing .mp3 files, and users
> figuring out they can just rename to to .txt getting it through

I imagine it wouldn't be hugely difficult to knock up a custom config
module that used something like the 'file' command to check the (real)
mime type of a file using magic numbers, perhaps using the perl
File::MMagic module?

BMRB International
+44 (0)20 8566 5000
This message (and any attachment) is intended only for the
recipient and may contain confidential and/or privileged
material.  If you have received this in error, please contact the
sender and delete this message immediately.  Disclosure, copying
or other action taken in respect of this email or in
reliance on it is prohibited.  BMRB International Limited
accepts no liability in relation to any personal emails, or
content of any email which does not directly relate to our

More information about the MailScanner mailing list