Hi all,
Currently, SMTP entities will calculate MD5 hashes for the following
filetypes by default: application/x-dosexec, application/x-executable. I
was a little surprised that common e-mail attack vectors like zip and PDF
files don't have this hash calculated by default. I propose extending the
default to also include application/zip and application/pdf. I think this
is good default functionality, that won't cause a noticeable performance
hit.
Thoughts? Any other filetypes that would be useful to add there, while
we're at it?
--Vlad