Checking Suspected E-Mails

Julian Field MailScanner at
Tue Jun 20 19:09:11 IST 2006

On 20 Jun 2006, at 18:02, Matt Kettler wrote:

> Julian Field wrote:
>> Read it carefully. It stops .xx.yyy and .xxx.yyy. It does not stop
>> .xxxx.yyy.
>>> For reference, the default double-extension rule is:
>>>   \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$
>>> The filename would be unreasonably blocked by MailScanner.
>> No it won't.
> Yes it will. It WILL stop .xxxx.yyy
> Re-read it again julian
> Note there's an extra [a-z] in the front.

The catch is that way-back when I wrote the filename rules system, I  
wrote this rule as a demonstration of what could be done with the  
system, beyond simple \.exe$ rules and obvious stuff like that. The  
double-matching-extension rule was another example, showing how you  
could use a string found earlier in the filename, again later in the  

It never occurred to me at the time that people would actually use  
these rules, particularly not the first one. Amazingly, as I should  
have predicted, no-one would bother editing the rules I supply by  
default, and so it would be used on everyone's system. The laziness  
of many sysadmins is a virtue according to Larry Wall, so I guess  
it's a good thing :-)
Julian Field
Buy the MailScanner book at
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.

More information about the MailScanner mailing list