>I'd disagree about content filtering completely. There are some file >extensions that are inherently dangerous in the Windows world and .COM >is one of them.
If your AV depends on the filenames in the attachment headers, you've already lost. It needs to look at the attachment contents to see what the files are. COM aren't as easy to recognize as EXE, but it's not hard. And what Al said -- if your DMARC reports are going anywhere near something that can be fooled into running attachments, there's something seriously suboptimal in your mail setup. The only attachments in DMARC reports are the ARF message copy in failure reports and the compressed XML in aggregate reports. R's, John _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
