Checking Suspected E-Mails
Julian Field
MailScanner at ecs.soton.ac.uk
Tue Jun 20 19:09:11 IST 2006
On 20 Jun 2006, at 18:02, Matt Kettler wrote:
> Julian Field wrote:
>
>> Read it carefully. It stops .xx.yyy and .xxx.yyy. It does not stop
>> .xxxx.yyy.
>>
>>>
>>> For reference, the default double-extension rule is:
>>> \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$
>>>
>>>
>>> The filename would be unreasonably blocked by MailScanner.
>>
>> No it won't.
>
> Yes it will. It WILL stop .xxxx.yyy
>
>
> Re-read it again julian
>
> Note there's an extra [a-z] in the front.
The catch is that way-back when I wrote the filename rules system, I
wrote this rule as a demonstration of what could be done with the
system, beyond simple \.exe$ rules and obvious stuff like that. The
double-matching-extension rule was another example, showing how you
could use a string found earlier in the filename, again later in the
filename.
It never occurred to me at the time that people would actually use
these rules, particularly not the first one. Amazingly, as I should
have predicted, no-one would bother editing the rules I supply by
default, and so it would be used on everyone's system. The laziness
of many sysadmins is a virtue according to Larry Wall, so I guess
it's a good thing :-)
--
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.
More information about the MailScanner
mailing list