[Esd-l] Badtrans signature for local-rules
Bjarni R. Einarsson
bre at netverjar.is
Mon Nov 26 14:17:01 PST 2001
On 2001-11-27, 08:22:18 (+1100), Howard Lowndes wrote:
> I'm confused.
> If I am already trapping double extensions using the sanitizer then
> haven't I already secured myself. Why this extra selection?
Hehe, no reason at all if your only goal is security - that's what the
sanitizer and systems like it (like my Anomy) are all about.
But notice that John's rule adds more precise information on why
exactly the message is risky, as well as adding a header allowing the
entire message to be discarded by following rules if you so desire.
If I understand correctly this is primarily a usability issue for
people already using the sanitizer - but the rule is also useful even
if you aren't using the sanitizer (which justifies John posting it to
the procmail list).
Bjarni R. Einarsson PGP: 02764305, B7A3AB89
bre at klaki.net -><- http://bre.klaki.net/
Check out my open-source email sanitizer: http://mailtools.anomy.net/
More information about the esd-l