On Sat, 15 Dec 2001 03:11:29 GMT, Hermann Wecke <hermann@rodeios.com> said:
isn't it easier to stick a procmail recipe into the NANOG mail system dropping double extension files and other highly dangerous extensions, such as .scr, .lnk, .com, .dll, .pif and others???
Well.. that's closer than trying to restrict it based on size. It's still wrong though, because the filtering *should* be done based on the MIME type. Of course, the whole *problem* here is that malware is able to wave its little digital arms, hop up and down, and say: "I'm a text/plain called whoops.exe - of course it's safe to run me, who ever heard of a malicious text/plain?!" Personally, I'd recommend a controlled burn, except that we've been having one every 2 weeks already. -- Valdis Kletnieks Operating Systems Analyst Virginia Tech