| > Can i write a ACL which allows only specified attachments type and
| > BLOCKS all *
|
| I'm wildly guessing here, as I haven't tried to see if this actually works
| with the way Exiscan hooks into the ACLs, but how about:
|
| deny message = Bad attachment
| !demime = txt
|
| if you only wanted to allow attachments with a "txt" extension?
Interesting. Our management recently suggested a "default deny" policy
for file extensions. Quite tempting, considering the state of M$ insecurity.
I hate to think how many dangerous filetypes are not on our banned list.
Of course, outside of the M$ world these are arbitary file names. A unix
user might be mailing yesterday's results in a file called "results.thu"
and get blocked. Not really practical here.
--
Chris Edwards, Glasgow University Computing Service
