12-01-2015 07:58 AM
If we agree on a list of probable safe extensions to allow, and block any other type of extension. Would it be easier to specify rather than list the list of probable unsafe extension?
Any thoughts?
Solved! Go to Solution.
12-03-2015 07:39 PM
Hey Mustapha,
That would be easier to implement if you have a specific list of attachment filenames/types you wish to allow but block all the rest.
However with very large stream of attachment filenames and types available, this can be considered a very strict setup that may cause some false positive matches.
It may be better to run a filter to check for 'executable' filetypes (mime types) as well as an additional condition to block some common filenames which you do not wish to allow.
Regards,
Matthew
12-03-2015 07:39 PM
Hey Mustapha,
That would be easier to implement if you have a specific list of attachment filenames/types you wish to allow but block all the rest.
However with very large stream of attachment filenames and types available, this can be considered a very strict setup that may cause some false positive matches.
It may be better to run a filter to check for 'executable' filetypes (mime types) as well as an additional condition to block some common filenames which you do not wish to allow.
Regards,
Matthew
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide