[Spambayes] Why I added src=cid: etc
Mon Nov 4 16:48:46 2002
[Matt Sergeant, on virus/worm detection]
> Yeah, I've got some neat results just from classifying file extensions.
> The double extension ones are especially good ;-)
GregW's is a bit of Perl that scans for file extensions, and my work account
does some double-extension detection. They're very effective but Draconian.
For example, I maintain the Python Windows distribution, and the former
prevents users from sending me .exe files directly; the latter prevented a
coworker two weeks ago from sending error-log files because he named them
"xyz.good.log" and "xyz.bad.log". It seems a very curious thing to me that
email admins seem generally happy to accept false positives when it comes to
suspected virus/worm stuff. Then again, it's not a very surprising thing