Double Extension Permission

Anders Andersson, IT anders.andersson at LTKALMAR.SE
Tue Dec 7 10:35:19 GMT 2004 

    [ The following text is in the "ISO-8859-2" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

> -----Original Message-----
> From: MailScanner mailing list 
> [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Julian Field
> Sent: Tuesday, December 07, 2004 9:57 AM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: Double Extension Permission
> 
> On 6/12/04 4:40 pm, "Marcin Ro¿ek" <marcin.rozek at IOS.EDU.PL> wrote:
> > Ed Bruce wrote:
> >> Marcin Ro¿ek wrote:
> >> 
> >>> Thom Paine wrote:
> >>> btw - is this really should be turned on by default? I mean, if a 
> >>> virus sends its copy as eg. document.doc.pif, i will be blocked 
> >>> because of having .pif extension...
> >>> Just my thought...
> >> I think this site has a good explanation why you want to stop most 
> >> double extensions:
> >> 
> >> http://www.cknow.com/vtutor/vtextensions.htm
> > Yes, i know. But i think that when we ban 'all' dangerous 
> extensions, 
> > eg .vbs/.exe/.reg/etc all files that have double extensions eg. 
> > something.doc.exe will be actually blocked.
> >  From my own experience i can say, that many people use dots in 
> > filenames that they send in e-mails and that files eg. 
> > document.eng.doc  ('eng' from
> > 'english')
> > are stopped by default rules.
> > Ofcourse this rule can be simply turned off, but maybe it could be 
> > turned off by default as, in my opinion, it more hurts than helps.
> > Or...?
> 
> Most people like this rule. Do you know the original reason I 
> wrote it?
> Purely to demonstrate what could be done in a filename rule, 
> to show that it wasn't just a list of banned extensions like 
> the commercial products can do, but that it was actually a 
> powerful feature which could do a whole lot more.
> 
> To my surprise, everyone went with it. I guess it is rather 
> useful to most sites. But if you don't like it then change 
> it. It's staying in the default rules for the reason I wrote 
> it in the first place. That's why none of this stuff is 
> hard-coded, you adapt MailScanner to your site, not the other 
> way round (talk to a SAP user about that!).

I think it's a good thing its on by default but I wouldnt complain if 
the default rules changed so they only go for last extension. To many ppl
use dots early in filenames for different reasons but thats just just what I think  :) 

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list