Good morning Mark,
You were right, the parameter m.filter_content was set to False, I believe the default. I changed it to True and it worked as expected. Thanks again.
-----Original Message----- From: Stephen J. Turnbull firstname.lastname@example.org Sent: Friday, October 2, 2020 2:54 AM To: Mark Sapiro email@example.com Cc: firstname.lastname@example.org Subject: [MM3-users] Re: How to prevent members to attach executables (exe, bat, ...) to the emails sent to list
Mark Sapiro writes:
Filtering by extension only works on message parts that have an > associated file name. Thus, while you can add things like 'exe', 'bat', > 'cmd', 'com', 'pif', 'scr', 'vbs' and 'cpl' to filter_extensions, it > won't be completely effective.
A better approach is to use MIME types and only allow those you want. For a discussion list, a reasonable set is what this list uses:
I wouldn't say "better" if you're concerned about the executables being malware. There's long history of concealing malware by giving it a MIME type different from what the extension implies, and there was at least one Windows exploit that used this technique to achieve automatic execution of malware simply by displaying the message.
Mailman-users mailing list -- email@example.com To unsubscribe send an email to firstname.lastname@example.org https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.mail...