[Mimedefang] bad extensions
Jim McCullars
jim at info.uah.edu
Thu Jan 8 15:16:29 EST 2004
On Thu, 8 Jan 2004, Douglas, Jason wrote:
> How do other people handle "bad" file attachments? Or do you just ignore
> them and let virus scanners determine which are really bad?
FWIW, I pared the list of bad extensions down to this:
$bad_exts = '(bat|cmd|com|exe|lnk|pif|reg|scr|shs|vb|vbe|vbs|zi)';
and reject them outright with something like
return action_bounce("Attachment $fname not allowed as it may
represent a security hazard.");
(I don't remember the exact wording). It caused a little bit of grief at
first, but it has saved us tremendously in the long run. I probably
shouldn't say this in a public list, but we don't run a virus scanner, we
depend on the bad_ext list. There aren't a lot of choices of virus
programs on the Tru64 platform, and the one that I checked on (Sophos, I
believe) is mighty pricey.
HTH...
Jim
More information about the MIMEDefang
mailing list