[Mimedefang] Bad Filenames Question
Jim McCullars
jim at info.uah.edu
Thu Nov 21 16:35:01 EST 2002
On Thu, 21 Nov 2002, Rick Mallett wrote:
> Can anyone tell me why attachments with suggested filenames ending
> ".url" (eg. events.url) are considered a "security hazard"? I just
My guess is, to prevent someone from emailing the URL of a site that
has malicious JavaScript code or something else that takes advantage of
some hole in MSIE.
But remember, the sample filter is just that - a sample. It's a
starting point for you to define your own filter rules. FWIW, I cut way
down on the number of bad extensions I look for in my filter. My
definition looks like this:
$bad_exts = '(bat|cmd|com|exe|lnk|pif|reg|scr|shs|vb|vbe|vbs)';
and it has worked well for us.
Jim
More information about the MIMEDefang
mailing list