Date: Tue, 4 Dec 2001 20:16:54 -0600 From: Anthony Kim <niceshorts@yahoo.com> To: Alfred Perlstein <bright@mu.org> Cc: Len Conrad <LConrad@Go2France.com>, freebsd-security@freebsd.org, jmb@freebsd.org Subject: Re: block double suffix attachments? Re: Mail list is posting gone virus!!!! Message-ID: <20011205021654.GA31554@boethius.telocity.com> In-Reply-To: <20011204194431.E92148@elvis.mu.org> References: <01d701c17d10$a8b334b0$0001300a@lhtech.lhtek.com> <C1EC3AA970F8D311BA4D0050BAB07BA870491B@nhex1101.cologic.co.nz> <4.3.2.7.2.20011204172959.04d112e0@localhost> <5.1.0.14.2.20011204193019.05f01c18@mail.Go2France.com> <20011204194431.E92148@elvis.mu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Dec 04, 2001, Alfred Perlstein wrote: > Blocking double extentions is a real pain because people may > elect to send .gz or .bz2 or a myriad of other legit formats. > I guess in the face of this obnoxious plague it may make sense > to drop all attachments that contain double suffix attachments > with the exception of .gz and .bz2. I know I've most likely > forgotten an important extention, but we can add those as the > need arises? and .Z You've got to consider, people send all sorts of weird filenames. mtr.c.patch or ncurses.ru.uu or bill_me.c.diff or BSD.include.dist - you get the idea. At work we focus on the AV recommended most wanted, .pif, .exe., .vbs, .scr, .shs, but this list is getting longer and longer :( -- "Le motd juste." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011205021654.GA31554>