[Mimedefang] vcs extension

Brown, William wbrown at e1b.org
Mon Apr 8 10:29:11 EDT 2019

See https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2001/ms01-012

William Brown

-----Original Message-----
I just got a legitimate text vCard attachment in my quarantine with a .vcs extension. It's in the list of bad file extensions in the default filter.
Why is that? Is this extension used for some bad binary formats? Or can a vCard carry dangerous macros? I'm trying to decide whether to remove vcs from the list, since calendar files for appointments do seem like a legitimate thing to receive.

The sender was xtime, which seems to be an automotive dealer-customer management system, and it assigned application/octet-stream as the mime type of the attachment instead of a proper calendar type.

Confidentiality Notice: This electronic message and any attachments may contain confidential or privileged information, and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agent responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachments. Please notify the sender immediately by return e-mail or telephone and delete this message from your system.

More information about the MIMEDefang mailing list