[Spambayes] Why I added src=cid: etc

Matt Sergeant msergeant@startechgroup.co.uk
Tue Nov 5 10:29:04 2002

Rob W.W. Hooft said the following on 05/11/02 07:14:
> Matt Sergeant wrote:
> [on viruses]
>>Yeah, I've got some neat results just from classifying file extensions. 
>>The double extension ones are especially good ;-)
> 2-line virusscanner in /etc/postfix/body_checks:
> /^(Content-(Type|Disposition):.*|[[:space:]]*(file)?)name=("[^"]*|[^[:space:]]*)\.(exe|com|scr|pif|bat|lnk|dll|vbs|js)/ 
> /^Content-Type:[[:space:]]*audio\// REJECT

Never REJECT on file extension. Only ever ACCEPT! This is the same rule 
as firewalling - never close off insecure ports, only open the ones you 
know are secure and/or needed.