[Mimedefang] best practices for handling filename extensions

Michael Fox news at mefox.org
Thu Oct 5 00:41:34 EDT 2017

I'm looking to understand best practices with regard to rejecting filename


The example provided in /usr/share/doc/mimedefang shows a very long list of
extensions to be rejected.  I know some hosted mail providers don't allow
.exe.  It annoys me but I just change the extension and it goes through.
And I know that some providers don't allow .zip.  So folks using those
providers just change it to .piz and it goes through.


I presume this is, indeed, a little safer, since the recipient has to take
an extra step to change the extension.  And, presumably, they would only do
that if they knew what they were getting.  But I wonder if that's just the
appearance of additional security or if it's a true improvement.


So, what do the folks here with much more experience than I do, and why?


Thanks much,



More information about the MIMEDefang mailing list