RE: Attachment Filter

["Dan Tappin" <dan.tappin@xxxxxxxxxxxxxxx>]

If all goes well you should get this message:

 

*.exe

 

Thanks,

Dan

> -----Original Message-----
> From: Elton [mailto:ehd@xxxxxxxxxxx]
> Sent: Wednesday, June 11, 2003 3:27 PM
> To: post_office@xxxxxxxxxxxxxxx
> Subject: Re: Attachment Filter
> I'm not sure this solves your problem, but you can exclude
> tenon.com (for the list to get by your filter) and local domains in
> the source. There can't be many valid users typing "dot-exe"
> in a string(?), if so exclude their domains; ie:
>
> Source
> ------
> Src.Addr *tenon.com NOT AND
> Src.Addr *yourdomain1.com NOT AND
> Src.Addr *yourdomain2.com NOT
>
>
> Destination
> -----------
>
> Header
> ------
>
> Body
> ----
> Text *phrase1*|*Phrase1|*PHRASE1* - remember body_filters are case
> sensitive
>
>
> Elton
>
> On Wednesday, June 11, 2003, at 04:06 PM, Dan Tappin wrote:
> > First off can someone point me to the PO list archive - I
> > have lost the link.  It is beyond me why Tenon does not post
> > this on their site!
> >  
> > What is the best way to filter for attachments?  I have added a
> > body filter that traps my specified 3 character file extension but it
> > also traps plain text (i.e. *.abc, *.xyz etc).
> >  
> > For example I currently have the following blocked:
> >  
> > exe
> > pif
> > scr
> >  
> > Which works great.  All those great Windows bugbear viruses get
> > blocked.  The only issue is that if I type star-dot-exe in any
> > message this also gets blocked.  I hope this makes sense.  I
> > can't actually type an example with out my server blocking it.
> >  
> > I also tried *.*.abc because these viruses hide the real extention
> > behind a fake one (i.e. filename.abc.xyz).
> >  
> > Any ideas / suggestions from the list?
> >  
> > Thanks,
> >  
> > Dan
> >  
> > P.S.
> >  
> > Windows sucks :^)