[Mimedefang] That .com extension
Steffen Kaiser
skmimedefang at smail.inf.fh-bonn-rhein-sieg.de
Wed Jan 4 03:02:51 EST 2006
On Tue, 3 Jan 2006, Joseph Brennan wrote:
> WSJ.com - Cutting Hedge_ Law Firm Grows With Funds.pdf
>
> It must be because of the ".com " in the name.
>
> Why do we not just test the value of lc($ext), rather than pass the
> entire entity to filter_bad_filename? Is there some form of obfuscation
> in which the filename could be WSJ.com followed by random text?
This is in order to prevent using a partial name, when using invalid MIME
syntax, e.g.:
Content/type=application/octet-string;
filename=WSJ.com - Cutting Hedge_Law Firm Grows With Funds.pdf
Note the missing quotes of the filename tag.
There are reports that some MUAs ignore the text after the ".com" part
and, hence, would treat the attachment as executable file.
MIMEDefang does not know whether there are quotes or not, hence, it
assumes that they are not.
Bye,
--
Steffen Kaiser
More information about the MIMEDefang
mailing list