[Esd-l] Whitelist instead of blacklist for attachment names

[Kenneth Porter]

In firewall design one typically sets a default policy of dropping all
but a few specified connection types. How about doing the same with
email attachment names? This should be far easier to police than the
evolving poisoned filename list.

Attachments with malformed names should be rejected immediately, on the
assumption that they're malicious.

To start, it would be nice to log a list of attachment names over time
on the gateway, to get a representative sample of the kinds of
legitimate attachments that are seen.