On Thu, 30 Sep 2004, Jim Hatfield wrote:
> I see that .vcs is listed in filter_bad_filename. I think David got those extensions from a list that Microsoft published at one time. At my site, I pared the list down considerably, to a list of about 10 or so that are commonly used to send mail bombs. .vcf isn't one of them. > If anyone can tell me what the danger of these files is, > I'd appreciate it, then I can decide whether to risk > letting them in. The problem is, some file types will execute, rather than launch the application that they are associated with. I just did an experiment by making a copy of Notepad.exe, renaming it to jim.vcf, and launching it. Had this actually launched Notepad, I would say that it would be too risky to let the file type pass. However, it did indeed launch the Windows Address Book (although all the fields were empty). Now while it may be possible to craft a .vcf file that would corrupt WAB and make it do something unintended, it appears that someone cannot just rename a malicious executable to something.vcf and have it run. My $0.02 says to let them in. HTH... Jim McCullars University of Alabama in Huntsville _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang