Ah, yes. Thanks for the sanity check. Wasn't even thinking about that... -Shanw ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CIT7 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-2855 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: David Farinic [mailto:davidf@xxxxxxx] Sent: Thursday, August 22, 2002 11:34 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: blocking mp3 encapsuled in php pages http://www.ISAserver.org This doesn't work on some php generated mp3 files (as they don't use content types u described). Content type defines type of file but even windows sometimes doesn't care and performs binary header type checking of file object ITSELF! Because of this unclear definition of definition what file type is and how it will be open there have been lot of exploits in IE. I hope it will be simplified in future releases of IE and other browsers and OSes. Just my 2c. Regards . -----Original Message----- From: Quillman Shawn (RBNA/CIT7) [mailto:Shawn.Quillman@xxxxxxxxxxxx] Sent: Thursday, August 22, 2002 5.18 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: blocking mp3 encapsuled in php pages http://www.ISAserver.org Use a content group. A php still has to return a content type when it sends something back to a file, so block the content type for mp3. Either block the whole Audio content group or create one for only mp3's and add audio/mp3 and audio/x-mp3. -Shawn ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CIT7 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-2855 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: minet [mailto:minet@xxxxxxxxxxxxx] Sent: Thursday, August 22, 2002 10:17 AM To: [ISAserver.org Discussion List] Subject: [isalist] blocking mp3 encapsuled in php pages http://www.ISAserver.org i would like to know how to block mp3 downloads when they are encapsuled in php thank you very much ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: davidf@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') This mail was content checked for malicious code and viruses by GFI MailSecurity. GFI MailSecurity provides email content checking, exploit detection and anti-virus for Exchange & SMTP servers. Spam, viruses, dangerous attachments and offensive content are removed automatically. Key features include: Multiple virus engines; Email content & attachment checking; Exploit shield - email intrusion detection & defence; Email threats engine - analyses & defuses HTML scripts, .exe files & more. In addition to GFI MailSecurity, GFI also produces the GFI FAXmaker fax server & GFI LANguard network security product ranges. For more information on our products, please visit http://www.gfi.com. This disclaimer was sent by GFI MailEssentials for Exchange/SMTP. ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')