MANGLE_EXTENSIONS list

Wed Jan 11 13:43:38 PST 2006

Not a bad idea, but -

Given you can reliably identify the sources... 

(I allow certain extensions from internal, WAN 
 and trusted external sources to bypass the 
 mangler using sending-mailserver name/IP Address 
 [see below] )
Could you not do something with/like the `local_windows_docs.procmail`
work-around? 
Perhaps in the short-term...

Bon courage.

-Dave
--------------------------
<frag>

:0
# localnet
* ! ^Received:[^(]+\([^ ]+ +\[987\.654\.1\.[0-9]+\]
.
.
.
# trusted external server #n
* ! ^Received:[^(]+\([^ ]+ +\[123\.456\.789\.123+\]

        { }

        :0 E
        {
	# cut out of the MANGLE list those you're prepared to accept
                MANGLE_EXTENSIONS='html?|exe|com|cmd|bat|pif|sc[rt]|lnk|dot|xl[w
t]|p[po]t|vb[se]?|p[lm]|sh[bs]|hlp|chm|eml|ws[cfh]|ad[ep]|jse?|md[aew]|ms[ip]|re
g|asd|cil|pps|asx|wm[szd]|nws|\{[-0-9a-f]+\}'

	# and let the .docs and .xlses &c through
                SECURITY_POISON_WINEXE=
                }

</well, not so frag>

--------------------------

-----Original Message-----
From: Michael Masse [mailto:mrm at medicine.wisc.edu] 
Sent: 11 January 2006 18:32
To: esd-l at impsec.org
Subject: MANGLE_EXTENSIONS list

Is it possible to have the MANGLE_EXTENSIONS list come from a separate
text file?     If not, I'd like to request this for a future version.   
 Upgrading is essentially painless except for when I forget to modify
the mangle extensions list to our own liking, and attachments I prefer
to have other software deal with start getting mangled all of a sudden. 
 If it was in a file this would not even be an issue.

Thanks John for making this available.

Mike