|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: header_check: regexp or PCRE? false positives?
From: Matt (math
mlists.ath.cx)
Date: Mon Jan 03 2005 - 15:14:01 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Roger B.A. Klorese wrote:
> On the other hand, even if foo.com.jpg is sent and is an executable, the
> suffix would cause the attachment to be extracted and typed as a jpeg --
> it's just that the name would display as foo.com. I don't see the
> problem with that, and I've never observed and dangerous behavior to the
> contrary.
Just because it cannot be seen, or hasn't been observerd *YET*, does not
mean that the possibility isn't there :) If what you mention wasn't
problematic, we wouldn't have people writing mail sanitisers, would we?
Matt
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]