Double Extension Permission
Ugo Bellavance
ugob at CAMO-ROUTE.COM
Tue Dec 7 13:33:04 GMT 2004
[ The following text is in the "ISO-8859-2" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Anders Andersson, IT wrote:
>>-----Original Message-----
>>From: MailScanner mailing list
>>[mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Julian Field
>>On 7/12/04 10:35 am, "Anders Andersson, IT"
>>wrote:
>>
>>>>-----Original Message-----
>>>>From: MailScanner mailing list
>>>>[mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Julian Field
>>>>Sent: Tuesday, December 07, 2004 9:57 AM
>>>>To: MAILSCANNER at JISCMAIL.AC.UK
>>>>Subject: Re: Double Extension Permission
>>>>
>>>>On 6/12/04 4:40 pm, "Marcin Ro¿ek" <marcin.rozek at IOS.EDU.PL> wrote:
>>>>
>>>>>Ed Bruce wrote:
>>>>>
>>>>>>Marcin Ro¿ek wrote:
>>>>>>
>>>>>>
>>>>>>>Thom Paine wrote:
>>>>>>>btw - is this really should be turned on by default? I
>>
>>mean, if a
>>
>>>>>>>virus sends its copy as eg. document.doc.pif, i will be blocked
>>>>>>>because of having .pif extension...
>>>>>>>Just my thought...
>>>>>>
>>>>>>I think this site has a good explanation why you want to
>>
>>stop most
>>
>>>>>>double extensions:
>>>>>>
>>>>>>http://www.cknow.com/vtutor/vtextensions.htm
>>>>>
>>>>>Yes, i know. But i think that when we ban 'all' dangerous
>>>>
>>>>extensions,
>>>>
>>>>>eg .vbs/.exe/.reg/etc all files that have double extensions eg.
>>>>>something.doc.exe will be actually blocked.
>>>>> From my own experience i can say, that many people use dots in
>>>>>filenames that they send in e-mails and that files eg.
>>>>>document.eng.doc ('eng' from
>>>>>'english')
>>>>>are stopped by default rules.
>>>>>Ofcourse this rule can be simply turned off, but maybe it
>>
>>could be
>>
>>>>>turned off by default as, in my opinion, it more hurts than helps.
>>>>>Or...?
>>>>
>>>>Most people like this rule. Do you know the original
>>
>>reason I wrote
>>
>>>>it?
>>>>Purely to demonstrate what could be done in a filename
>>
>>rule, to show
>>
>>>>that it wasn't just a list of banned extensions like the
>>
>>commercial
>>
>>>>products can do, but that it was actually a powerful feature which
>>>>could do a whole lot more.
>>>>
>>>>To my surprise, everyone went with it. I guess it is
>>
>>rather useful to
>>
>>>>most sites. But if you don't like it then change it. It's
>>
>>staying in
>>
>>>>the default rules for the reason I wrote it in the first place.
>>>>That's why none of this stuff is hard-coded, you adapt
>>
>>MailScanner to
>>
>>>>your site, not the other way round (talk to a SAP user
>>
>>about that!).
>>
>>>I think it's a good thing its on by default but I wouldnt
>>
>>complain if
>>
>>>the default rules changed so they only go for last
>>
>>extension. To many
>>
>>>ppl use dots early in filenames for different reasons but
>>
>>thats just
>>
>>>just what I think :)
>>
>>Which is exactly why it only looks at the last 6 characters
>>or so when looking for a double extension.
>
> I didnt know that since Im a perl idiot :)
> Then the only onr I would like to change default on is doc since loads of ppl start their document with a sentence and according to "Bill" that
> will be the filename. Not smart for us but maybe something to consider. Hmm, might be the same with powerpint as well?
Then see Steve Swaney's message in this tread.
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list