2003-09-25T09:06:58 MightyE: > There are two methods which you can use in the writing of your > email virus scanner; you can either decode it every known way that > any client does so, [...] Alternatively you can accept it only if > it is properly encoded, [...] There's a third method, which I think is rather better than either of those. You can re-code everything into a canonical form. Some email client drop some punctuation characters in filenames? Delete all such characters from filenames. Different tools handle various i18n encoded filenames differently? Map to US-ASCII. Enforce length limits. Recode base64. Recode uuencoded chunks. Regularize non-standard MIME. Do all this canonicalization before the message hits your attachment type policy enforcement and malware scanner, so they only have to deal with the common forms that everybody handles the same. -Bennett
Attachment:
pgp2BOZKomyUc.pgp
Description: PGP signature