anomy-list

.com images defanged and dropped...

From: Marvin Herbold (96923@xyz.molar.is)
Date: Thu 09 Oct 2003 - 22:10:12 GMT

  • Next message: Marvin Herbold: "Re: .com images defanged and dropped..."

    Dilemma...

    I just added a rule to defang/drop .com attachments and the result is
    that all the inline html images get dropped. For example my email image
    signature is (as generated by Mozilla):

    <img border="0" src="cid:97018@xyz.molar.is">

    And the attachment has the file name of
    "97018@xyz.molar.is" which is why it got dropped... but it
    wasn't actually an executable, but rather a gif image... This seems to
    be a common way inline email images get sent around (at least from my
    Mozilla email client, and apparently Outlook and AOL too)... so my
    question to you all is how do I safely drop hostile .com attachments
    (read: real executables) and keep the benign images that just happen to
    have their name end in .com???

    -- 
    Marvin Herbold
    96923@xyz.molar.is
    http://www.herbold-family.com
    



    hosted by molar.is