On Thu, 19 Jan 2006, [EMAIL PROTECTED] wrote:

Paul Murphy wrote:
Definitely one for the banned list now...

For the paranoid, I have a fairly thorough list of compressed file extensions 
here:
http://www.mimedefang.com/kwiki/index.cgi?BadFilenameExtensions

For the record:
zip rar sit cpt hqx ace bz bz2 iso lha r00 r01 r02 r03 r04 r05 r06 r07 r08 r09 
r10 r11 r12 r13 r14 r15 r16 r17 r18 r19 r20 r21 r22 r23 r24 r25 r26 r27 r28 r29 
tbz tbz2 arc arj b64 cab gz hqx lzh mim tar taz tgz tz uu uue xxe z

Hi, I see the phrase "For the paranoid", but please: do not add any "real" archives to the default list of extensions in the sample filter. How about another configurable line that lists those?

BTW: I'm missing "ace" and its split-files "c[0-9]{2}", also: rar's split-files are named "r[0-9]{2}" -- there may be more than just 32 archives, I've seen some program registering all 100 extensions ;-)
What are zip's split-files named like? Was it z[0-9]{2} or b[0-9]{2}??

Also: bin, gl, md[as] are also used for Images like iso.

Frankly, I think that one should handle only those file types on the server that Windows may _really_ execute via the WinShell (or WinExec or whatever the shell.dll hook is named), e.g. a file in a zip is not executed on-the-fly, but by storing it (or the complete contents of the archive) onto the hard disk of the system; that's the subject of the on-access scanner on each particular system and not of the mail server. You need an on-access scanner on each end-user system anyway. -- But this discussion has happened before :)

Bye,

--
Steffen Kaiser
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
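
The split proposed in the message above (executable extensions always checked, archive extensions on a separate opt-in line, split volumes written as patterns), as an added Perl example that is not code from the thread or from MIMEDefang's sample filter. All variable and function names are hypothetical, the extension lists are constructed subsets, and zip split volumes are left out because the thread leaves their naming open.

```perl
#!/usr/bin/perl
# Added example; names are hypothetical, not taken from MIMEDefang.
use strict;
use warnings;

# Extensions the Windows shell runs directly (constructed short list).
my @exec_exts = qw(exe com bat cmd pif scr vbs js);

# Archive and disk-image extensions on their own configurable line.
# Subset of the extensions named in the thread.
my @archive_exts = qw(zip rar ace arj cab lha lzh gz bz2 tar tgz iso);

# Split volumes as patterns: r00..r99 (rar) and c00..c99 (ace), so all
# 100 numbered parts are covered instead of only an enumerated r00..r29.
my @split_res = ('r[0-9]{2}', 'c[0-9]{2}');

my $block_archives = 0;    # opt-in switch, off by default

# Build one anchored, case-insensitive regex from literals plus patterns.
sub ext_regex {
    my ($literals, $patterns) = @_;
    my $alt = join '|', (map { quotemeta($_) } @$literals), @$patterns;
    return qr/\.(?:$alt)\.*$/i;    # tolerate trailing dots, e.g. "a.exe."
}

my $exec_re    = ext_regex(\@exec_exts, []);
my $archive_re = ext_regex(\@archive_exts, \@split_res);

# Returns 'executable', 'archive' or '' for an attachment filename.
sub classify {
    my ($name) = @_;
    return 'executable' if $name =~ $exec_re;
    return 'archive'    if $name =~ $archive_re;
    return '';
}

# Constructed sample filenames; "readme.rc" must not match r[0-9]{2}.
for my $name (qw(invoice.exe photos.rar photos.r57 backup.c03 notes.txt readme.rc)) {
    my $kind   = classify($name);
    my $reject = $kind eq 'executable' || ($kind eq 'archive' && $block_archives);
    printf "%-12s %-10s %s\n", $name, $kind || '-', $reject ? 'reject' : 'accept';
}
```

With `$block_archives` left at 0 only `invoice.exe` is rejected; setting it to 1 also rejects the three archive and split-volume names.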
