[Exim] File Extension Filtering Alert

トップ ページ
このメッセージを削除
このメッセージに返信
著者: James P. Roberts
日付:  
To: exim-users
題目: [Exim] File Extension Filtering Alert
Dear Exim Users:

I just stumbled upon a very interesting paper:

http://www.geocities.com/floydian_99/invisible.html

It describes the fact (which I did not previously know), that Windoze will
accept a CLSID as a valid file extension, and that it will ALWAYS hide such
extensions, whether the associated file type is normally "visible" or not.

Bottom line is, if you are filtering on file extensions (e.g. to block
executable attachments), beware of this potentially nasty trick.

I am wondering if the MIME-aware apps (such as exiscan, yes?), do their
file-type detection based on the MIME header, or on actual file contents
(embedded file header in the base64 encoded data)?

Regards,
Jim Roberts
Punster Productions, Inc.