[Mimedefang] hi, and question about mimedefang-filter (filter_bad_filename)

Mitch at 0Bits.COM Mitch at 0Bits.COM
Tue Jul 29 16:57:05 EDT 2003 

I've never seen an attachment name like that. I would actually
consider that a bad filename. That is a URL more than a filename.
Remember / is a metacharacter to delimit directories - well in
a UNIX filesystem anyhow, so should definetly NOT be used in a
filename for attachments.

I don't believe your change will let bad filename extensions to
get thru, but taking into consideration my previous comment, i
don't believe you really want to do what you did.

Just my opinion.
Mitch
-------- Original Message --------
Subject: [Mimedefang] hi, and question about mimedefang-filter (filter_bad_filename)
Date: Tue, 29 Jul 2003 14:05:34 -0400
From: Mark London <mrl at PSFC.MIT.EDU>
Reply-To: mimedefang at lists.roaringpenguin.com
To: MIMEDEFANG at lists.roaringpenguin.com

Hi - I installed mimedefang according to the online web pages, and installed
mimedefang-filter with the filter_bad_filename subroutine that looks like:

    # Bad extensions
    $bad_exts =
'(ade|adp|app|asd|asf|asx|bas|bat|chm|cmd|com|cpl|crt|dll|exe|f\
xp|hlp|hta|hto|inf|ini|ins|isp|jse?|lib|lnk|mdb|mde|msc|msi|msp|mst|ocx|pcd|pif\
|prg|reg|scr|sct|sh|shb|shs|sys|url|vb|vbe|vbs|vcs|vxd|wmd|wms|wmz|wsc|wsf|wsh|\
\{)';
    # Do not allow:
    # - curlies
    # - bad extensions (possibly with trailing dots) at end or
    #   followed by non-alphanum
    $re = '\.' . $bad_exts . '\.*([^-A-Za-z0-9_.,]|$)';

This seemed to work fine, until I sent a web page from Netscape 7, and the
receiver of the mail was told it had a bad attachment, the problem being
that the attachment name was:

www.petfinder.com/pet.cgi?action=2&pet=1920982&adTarget=468
petsgeneral&SessionID=3f26987d1a90052c-app2&display=&preview=1&row=0

The code finds the ".com", and so tags it as being a bad extension.
In order to avoid this problem, I added the / character in the excluded
character list:

    $re = '\.' . $bad_exts . '\.*([^-A-Za-z0-9_.,/]|$)';

But I'm curious A) why no one else has reported this problem, and B) will
my fix allow any bad attachments to get through?  Thanks. -   Mark

More information about the MIMEDefang mailing list