An attachment with this name was snagged as an executable by the example filter_bad_filename routine:
WSJ.com - Cutting Hedge_ Law Firm Grows With Funds.pdf It must be because of the ".com " in the name. Why do we not just test the value of lc($ext), rather than pass the entire entity to filter_bad_filename? Is there some form of obfuscation in which the filename could be WSJ.com followed by random text? Joe Brennan _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang