Double Extension Permission
Lindsay Snider
lindsay at pa.net
Mon Dec 6 18:55:58 GMT 2004
[ The following text is in the "iso-8859-2" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
>
> Yes, i know. But i think that when we ban 'all' dangerous extensions, eg
> .vbs/.exe/.reg/etc all files that have double extensions eg.
> something.doc.exe will be actually blocked.
We tried to come up with something that would only block double extensions
when the final extension is known to be evil. This prevents quite a few
false positives include those listed earlier in this thread. Here's what we
currently have:
deny \.[a-z][a-z0-9]{2,3}\s*\.(exe|com|pif|bat|vbs)$
> From my own experience i can say, that many people use dots in filenames
> that they send in e-mails and that files eg. document.eng.doc ('eng' from
> 'english') are stopped by default rules.
> Ofcourse this rule can be simply turned off, but maybe it could be turned
> off by default as, in my opinion, it more hurts than helps.
> Or...?
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list