[Mimedefang] Exporting an eml file from MIMEDefang
David F. Skoll
dfs at roaringpenguin.com
Mon Oct 18 13:18:12 EDT 2010
On Mon, 18 Oct 2010 13:06:58 -0400
Kris Deugau <kdeugau at vianet.ca> wrote:
> Well, the idea is to block malicious Subject: lines from causing
> problems by writing somewhere on the filesystem you didn't expect...
> only allowing a small subset of the available characters and
> replacing everything else with an underscore is quite reasonable IMO.
So if ten messages come in with the same subject, then... what?
Here is my rule:
Never[*] name files based on user-input
Regards,
David.
[*] Well, almost never. Obviously, if you're writing a mail client, the
"Save Attachment" feature should take the supplied filename parameter
as a suggestion...
More information about the MIMEDefang
mailing list