Results 1 to 1 of 1

Thread: Why the EML file extension is considered dangerous?

  1. #1
    Join Date
    May 2008
    Location
    Bulgaria
    Posts
    946

    Why the EML file extension is considered dangerous?

    EML is a file extension for an e-mail message in the MIME RFC 822 standard. Some programs like Outlook use it and some Windows-based webmail software too. For example the biggest Bulgarian e-mail provider abv.bg is packing the original message in EML file when users use the "Forward" function (to forward one e-mail message to another address).

    The /etc/system_filter.exim file has a list of dangerous file extensions such as executable files, batch files, vbscripts, etc. One of the extensions is eml. This is effectively blocking some legit e-mails which are not from spammers.

    What is the reason for blocking eml? Sure it can itself contain attachment with executable file (for example); however I think that a recursive scan (to a certain dept to prevent "bomb" over which it can be blocked) should be more effective than the "big axe" of cutting all messages with eml attachments.
    Last edited by wattie; 08-23-2019 at 08:14 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •