Agreed...not that there is much of a security risk with pif files when you don't execute them...
It was just a passing comment as I am on about 10-15 mailing lists and this one is the only one I receive viruses from...and this is the 2nd or 3rd time...all the other lists I am on don't allow attachments. I didn't ask that all attachments be removed because I know some people like to attach .conf files (whether or not it's a requirement, seeing as most people just paste in the contents to the email successfully, I don't know) so my post was more a question regarding the possibility of removing .pif files... I would say that there are people who unwittingly trust content from this list (at their peril) and may have infected their machines. All good. You are correct re client-side vs server-side. Topic over. Matt Riddell ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, April 05, 2004 5:14 AM Subject: Re: [Asterisk-Users] Re: Hi > G'day, > > If you rely on the server side to implement security for you then you've already lost. You can filter on your smtp server end, or your mail client end.. this will be far more reliable. > > Second hint for you, as opposed to dropping 'problem' extensions, why don't you whitelist the extension names (not that that really means /too/ much), such as .txt or .conf, as this would increase your 'security' more. > > - andrewg > > On Mon, Apr 05, 2004 at 04:35:26AM +1200, Matt Riddell wrote: > > Can't we get the mailing list to not allow mails with .pif files attached? > > > > Matt Riddell _______________________________________________ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
