[Mimedefang] New virus out, how do I confirm no errors?

[Fox, Randy]

>Look at the extension... it's ".txt", which your filter will allow
>through.  Will such an attachment actually execute in Windows?  I
>believe most Windows mail clients ignore the Content-Type: header and
>only go by the extension.  However, a more careful filter would check
>the content type as well:

I forgot to clarify, the header I sent was after the Virus Scanner on the
Exchange server had 'touched' it.

># ...
>	if ($type eq "application/octet-stream") {
>		# Discard or warn or whatever...
>	}
># ...

>There are a lot of possible content types, though, so this can get hairy.
>A very paranoid site would allow only text/html or text/plain (and even
>text/html is iffy...)

This is a good suggestion and probably what happened.  After some
investigation of MIME types, I'll fine tune the filter to be look for these
as well.

Thanks,
Randy