My apologies for the delay in getting the url from MS. At one point, there
was a specific Q article on dangerous extensions, but I can't seem to find
the link in my old email or through their search engine, but they do have
the extensions listed here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;291369
----- Original Message -----
From: "Sheldon Hearn" <sheldonh@???>
To: "Jerry Bell" <jerry@???>
Cc: "Leonardo Boselli" <leo@???>; <exim-users@???>
Sent: Thursday, August 21, 2003 3:30 AM
Subject: Re: [Exim] Blocking sobig.f
On (2003/08/20 18:15), Jerry Bell wrote:
> That is true. Fortunately, there are relatively few people who can
execute
> perl and tcl files on their windows machines. The extensions that are
> blocked below actually come from a recommendation by Microsoft on what
> attachments are 'dangerous' and probably should be blocked.
Do you have a reference to Microsoft's recommendation? That'd make it a
lot easier for me to motivate for blocking the whole list.
I currently have pif and scr blocked, and WOW is it saving the virus
scanner a lot of work. :-)
And exim-4.22/exiscan-acl seems to handle the extensions case
insensitively, which is fantastic. So all you'd need would be
demime = ade:adp:bas:bat:chm:cmd:com:cpl:crt:exe:hlp:hta:\
inf:ins:isp:js:jse:lnk:mdb:mde:msc:msi:msp:mst:pcd:pif:\
reg:scr:sct:shs:shb:url:vb:vbe:vbs:wsc:wsf:wsh
One thing.... Are you sure about "url"? Isn't that used to "attach
links"? I don't use a Wintendo mail client, so I don't know.
Ciao,
Sheldon.
--
## List details at
http://www.exim.org/mailman/listinfo/exim-users Exim
details at
http://www.exim.org/ ##
