I'm looking at the code:
if (filter_bad_filename($entity)) {
md_graphdefang_log('bad_filename', $fname, $type);
return action_drop_with_warning("An attachment named $fname was
removed from this document as it\nconstituted a security hazard. If you
require this document, please contact\nthe sender and arrange an
alternate means of receiving it.\n");
}
Can we make this:
$SilentlyDiscardSuspectAttachments = 1;
...
if (filter_bad_filename($entity)) {
md_graphdefang_log('bad_filename', $fname, $type);
if ($SilentlyDropSuspectAttachments) {
return action_drop_with_warning("An attachment named $fname
was removed from this document as it\nconstituted a security hazard. If
you require this document, please contact\nthe sender and arrange an
alternate means of receiving it.\n");
} else {
return action_bounce("Message rejected; an attachment named
$fname of\ndubious nature was found in this message.\nContact the
postmaster if this was a legitimate transfer.\n");
}
}
Instead? This will make a common policy change easier for people to
implement as a configuration issue rather than as code modification.
Thanks,
-Philip
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
