A long gap in a name is often used to hide part of it {Scanne d by HJMS}
Antony Stone
Antony at SOFT-SOLUTIONS.CO.UK
Fri Sep 12 18:03:15 IST 2003
On Friday 12 September 2003 5:57 pm, Martin Sapsed wrote:
> > deny .{150,} Very long filename, possible OE attack
> I have seen some messages that got rejected by this rule here recently
> which would have been ok except that the file names were:
>
> TdUkDisplayPro.ICC
> Promotion_Prop.pif
> New Text Docum.scr
> science_ob=MIm.url
> CARS_popup.asp.dat
> Contaminated w.doc
> Press Release .doc
> Press Release -1.doc
> Press Release -2.doc
> Press Release -3.doc
>
> Mostly 18 characters. Anyone else seeing this? It's happening on 3
> different hubs, and all have the standard 150 line in filename rules.
These names look truncated to me. Are you certain that these are the
attachment names as they were in the original emails which got scanned?
Also, are you sure there's no white space before / after / during the
filenames, as .{150,} will match 150 of any character, including spaces,
tabs, etc...
Antony.
--
What is this talk of software 'release' ?
Our software evolves and matures until it becomes capable of escape,
leaving a bloody trail of designers and quality assurance people in its wake.
More information about the MailScanner
mailing list