[Spambayes] Why I added src=cid: etc

[Matt Sergeant]

Rob W.W. Hooft said the following on 05/11/02 07:14:
> Matt Sergeant wrote:
> [on viruses]
> 
>>Yeah, I've got some neat results just from classifying file extensions. 
>>The double extension ones are especially good ;-)
>>
>>Matt.
> 
> 
> 2-line virusscanner in /etc/postfix/body_checks:
> 
> /^(Content-(Type|Disposition):.*|[[:space:]]*(file)?)name=("[^"]*|[^[:space:]]*)\.(exe|com|scr|pif|bat|lnk|dll|vbs|js)/ 
> REJECT
> /^Content-Type:[[:space:]]*audio\// REJECT

Never REJECT on file extension. Only ever ACCEPT! This is the same rule 
as firewalling - never close off insecure ports, only open the ones you 
know are secure and/or needed.

Matt.