Dear Exim Users:
I just stumbled upon a very interesting paper:
http://www.geocities.com/floydian_99/invisible.html
It describes the fact (which I did not previously know), that Windoze will
accept a CLSID as a valid file extension, and that it will ALWAYS hide such
extensions, whether the associated file type is normally "visible" or not.
Bottom line is, if you are filtering on file extensions (e.g. to block
executable attachments), beware of this potentially nasty trick.
I am wondering if the MIME-aware apps (such as exiscan, yes?), do their
file-type detection based on the MIME header, or on actual file contents
(embedded file header in the base64 encoded data)?
Regards,
Jim Roberts
Punster Productions, Inc.
