Kevin Shanahan wrote:
> On Wed, 2004-01-28 at 08:12, Peter Mueller wrote:
>>"Somecompany.com.doc" got DEFANGED. I want to allow it through. What would
>>I have to change?
>>file_list_1 += |url|exe|ws[cfh]|ops|com|prx))\s*
>>file_list_2 += |[ch](pp|\+\+)?|s|inc|asm|patch|java|php\d?|jsp|bas)
> I suggest ending both file list regex with \s*$ to make sure you're
> matching against the end of the file name.
If the recipients use MS Outlook or Outlook Express, it's dangerous to
filter attachments based only on last file extension. See
Outlook Express in particular has a flaw where it can launch an
attachment based on the *middle* of three extensions... e.g.
".txt.exe.jpg" can be run as an executable. See
It's not unreasonable to ask senders to avoid multiple extensions in
attachment names (except maybe for common exceptions like .tar.gz and