Date: Tue, 4 Dec 2001 22:47:45 -0500 From: Anthony Schneider <aschneid@mail.slc.edu> To: Anthony Kim <niceshorts@yahoo.com> Cc: Alfred Perlstein <bright@mu.org>, Len Conrad <LConrad@Go2France.com>, freebsd-security@FreeBSD.ORG, jmb@FreeBSD.ORG Subject: Re: block double suffix attachments? Re: Mail list is posting gone virus!!!! Message-ID: <20011204224745.A80613@mail.slc.edu> In-Reply-To: <20011205021654.GA31554@boethius.telocity.com>; from niceshorts@yahoo.com on Tue, Dec 04, 2001 at 08:16:54PM -0600 References: <01d701c17d10$a8b334b0$0001300a@lhtech.lhtek.com> <C1EC3AA970F8D311BA4D0050BAB07BA870491B@nhex1101.cologic.co.nz> <4.3.2.7.2.20011204172959.04d112e0@localhost> <5.1.0.14.2.20011204193019.05f01c18@mail.Go2France.com> <20011204194431.E92148@elvis.mu.org> <20011205021654.GA31554@boethius.telocity.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Dxnq1zWXvFF0Q93v Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable It couldn't hurt to block out double extensions and simply make that public. There's little load wasted on spotting a double extension, replying to the sender that double extensions are not allowed, and waiting for the sender to resend without the double extension. Same goes with bandwidth. Plus, how many attachments with double extensions are actually posted to freebsd-security? I've seen very few, personally. -Anthony. On Tue, Dec 04, 2001 at 08:16:54PM -0600, Anthony Kim wrote: > On Tue, Dec 04, 2001, Alfred Perlstein wrote: >=20 > > Blocking double extentions is a real pain because people may > > elect to send .gz or .bz2 or a myriad of other legit formats. > > I guess in the face of this obnoxious plague it may make sense > > to drop all attachments that contain double suffix attachments > > with the exception of .gz and .bz2. I know I've most likely > > forgotten an important extention, but we can add those as the > > need arises? >=20 > and .Z >=20 > You've got to consider, people send all sorts of weird filenames. > mtr.c.patch or ncurses.ru.uu or bill_me.c.diff or > BSD.include.dist - you get the idea. >=20 > At work we focus on the AV recommended most wanted, .pif, .exe., > .vbs, .scr, .shs, but this list is getting longer and longer :( > --=20 > "Le motd juste." >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message --Dxnq1zWXvFF0Q93v Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjwNmOAACgkQ+rDjkNht5F1NWwCfU445RGTPCbtpW9SIFGhe0Cjv iyAAn1YFcVCP3+1OnTMkSbf0nW9vHv6n =iHDG -----END PGP SIGNATURE----- --Dxnq1zWXvFF0Q93v-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011204224745.A80613>