Content ID Revisited

From: Rick Johnson (
Date: Thu 15 Jan 2004 - 18:27:07 GMT

  • Next message: Rick Johnson: "More on Content ID Revisited"

    I posted this a while back, but we still haven't seen an answer.

    Other than allowing .com extensions, is it possible to look at filename
    instead of Content-ID for defanging?

    Embedded images are put in like:, and the header also includes a filename
    of image.gif or image.jpg.

    Presently, the .com is detected as a filename, and subsequently dropped.

    I'm considering a rule which looks for .com, but excludes *@*.com, but doing
    that concerns me as well since it won't be long before someone exploits that


    Rick Johnson, RHCE #807302311706007 -
    Linux/Network Administrator - Medata, Inc.
    PGP Public Key:

    hosted by