[Esa-l]Double Extensions

Michael Masse mrm at medicine.wisc.edu
Wed May 23 09:35:58 PDT 2001

   I'm curious as to whether I'd be making our system more vulnerable by
removing the portion in the scanner to block filenames with double extentions.
We will still block all vbs, scr, etc...      We do not scan for macros, nor
do we mangle filenames on .doc or .xls.    I keep getting lots of false
positives because of people sending files with names like: fred.12.doc...
We do macro and virus scanning right after the procmail scanner as well.

Thanks for your time.

More information about the esd-l mailing list