[Esd-l] Stripping Attachments?
paul at cuenet.com
Sun Jan 13 14:32:00 PST 2002
On Sun, 13 Jan 2002, John D. Hardin wrote:
> NB: .eml is hazardous, as it's typically base64 encoded and thus not
> (yet) subject to defanging or attachment rules. Also note that .rtf
What do you mean 'attachment rules', it's at least 'mangled'?
> doesn't necessarily mean what you think. There was a Word virus a
> while back that saved things in .DOC format files with .RTF filenames,
> thus permitting them to contain macro viruses even though .RTF is not
> macro-enabled. Word doesn't care, it'll happily open the file
> regardless of the filename.
How does the sanitizer handle .rtf other than mangling?
"Yesterday's the past and tomorrow's the future. Today is a gift - which
is why they call it the present."
More information about the esd-l