Checking file extensions based on the mime type returned by the file utility is very smart. That makes checking the mime type, based only on the client-provided mime-type a weird design choice. Is there a reason for this?<br><br><div class="gmail_quote">On 2 October 2014 15:37, Noel Jones <span dir="ltr"><<a href="mailto:njones@megan.vbhcs.org" target="_blank">njones@megan.vbhcs.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 10/2/2014 7:04 AM, Deeztek Support wrote:<br>
><br>
> I guess I was mistaken that using the mime-type was more reliable<br>
> than using a file extension since the file extension can be easily<br>
> modified also? So, if I were to ban .rar files, and someone send me<br>
> a rar file called "archive.rar" but they renamed it to "archive" it<br>
> will still be blocked by Amavis?<br>
<br>
</span>Yes, amavis uses the results of file(1) to determine the proper<br>
extension, regardless of what the attachment is named. See the<br>
notes in amavisd.conf and/or amavisd.conf-sample about the $banned_*<br>
settings for details.<br>
<span class="HOEnZb"><font color="#888888"><br>
<br>
<br>
-- Noel Jones<br>
</font></span></blockquote></div><br>