Don't understand this match

Richard Thomas richard.thomas at
Wed Mar 1 22:33:01 GMT 2006

Julian Field wrote:

>It santises the filenames before logging them or outputting them in any way.
>One way it does this is by shortening them, except for the last filename 
>So you won't always see the full original filename. This is to stop 
>exploits based on the reporting of filenames (imagine if you made up a 
>filename that contained MIME boundaries, newline characters and a 
>complete MIME attachment). It never ever outputs raw data based on the 
>input data without sanitising it in some form.
>This is a fundamental anti-attack method I use.
OK, I understand the reasoning behind that. The problem is then I guess 
that it obscures the reason the file was blocked in the first place. Not 
that I'm complaining :) Just wondering if there might be some way to 
reconcile the two issues. (For now, I may just make the reject reason 
more explicit).



MIS Department      | Psychiatric Solutions Inc |Phone: +1 615 312 5787
840 Crescent Ctr Dr |                           |Fax:   +1 615 312 5711
Suite 460           +---------------------------+----------------------
Franklin, TN 37067  |Support: helpdesk at +1 615 312 5888

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3226 bytes
Desc: S/MIME Cryptographic Signature
Url :

More information about the MailScanner mailing list