From owner-freebsd-security Tue Dec 4 18:41:53 2001 Delivered-To: freebsd-security@freebsd.org Received: from pirahna.awe-full.com (s64-180-126-6.bc.hsia.telus.net [64.180.126.6]) by hub.freebsd.org (Postfix) with ESMTP id 11D0837B417 for ; Tue, 4 Dec 2001 18:41:49 -0800 (PST) Received: from uniserve.com (pirahna@localhost [127.0.0.1]) by pirahna.awe-full.com (8.11.6/8.11.6) with ESMTP id fB52fU350675; Tue, 4 Dec 2001 18:41:30 -0800 (PST) (envelope-from landons@uniserve.com) Message-ID: <3C0D8959.5080500@uniserve.com> Date: Tue, 04 Dec 2001 18:41:29 -0800 From: Landon Stewart User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.6) Gecko/20011125 X-Accept-Language: en-us MIME-Version: 1.0 To: Anthony Kim Cc: freebsd-security@freebsd.org Subject: Re: block double suffix attachments? Re: Mail list is posting gone virus!!!! References: <01d701c17d10$a8b334b0$0001300a@lhtech.lhtek.com> <4.3.2.7.2.20011204172959.04d112e0@localhost> <5.1.0.14.2.20011204193019.05f01c18@mail.Go2France.com> <20011204194431.E92148@elvis.mu.org> <20011205021654.GA31554@boethius.telocity.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Anthony Kim wrote: >and .Z > >You've got to consider, people send all sorts of weird filenames. >mtr.c.patch or ncurses.ru.uu or bill_me.c.diff or >BSD.include.dist - you get the idea. > >At work we focus on the AV recommended most wanted, .pif, .exe., >.vbs, .scr, .shs, but this list is getting longer and longer :( > For an idea, Eudora (eudora.com) has a somewhat comprehensive list of attachments that generate warnings when someone tries to open them. They keep this list updated and make it an updatable part of their mail client. This list would give someone a good start as to what to block for extensions. -- Landon Stewart System Administrator Vancouver Pacific Pender Uniserve Online Right of Use: The sender intends this message for a specific recipient and, as it may contain information that is privileged or confidential, any use, dissemination, forwarding, or copying by anyone without permission from the sender is prohibited. Personal e-mail may contain views that are not necessarily those of the company. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message