.com images defanged and dropped...

From: Marvin Herbold (
Date: Thu 09 Oct 2003 - 22:10:12 GMT

  • Next message: Marvin Herbold: "Re: .com images defanged and dropped..."


    I just added a rule to defang/drop .com attachments and the result is
    that all the inline html images get dropped. For example my email image
    signature is (as generated by Mozilla):

    <img border="0" src="">

    And the attachment has the file name of
    "" which is why it got dropped... but it
    wasn't actually an executable, but rather a gif image... This seems to
    be a common way inline email images get sent around (at least from my
    Mozilla email client, and apparently Outlook and AOL too)... so my
    question to you all is how do I safely drop hostile .com attachments
    (read: real executables) and keep the benign images that just happen to
    have their name end in .com???

    Marvin Herbold

    hosted by