Forums Feature Suggestions Update list of high-risk executable files for DCC

I could add a few more items to the "ignore list" but it is not meant to be a comprehensive list and is just an example list that users can update. Any new additions would be arbitrary since there are so many criteria for deciding what is or is not dangerous. Should only directly executable extensions be included? How about script extensions, such as perl, python, php, and so on, which might be automatically run if the user has those script languages installed and they double-click on a file with that extension? How about files such as documents, spreadsheets, powerpoints, and so on, that can contain macros? How about certificate files, such as .cer, .crt, .der, that can install malicious certificates? How about extensions that are normally safe but are often the targets of newly discovered exploits? And so on.

I looked through a number of websites that list potentially dangerous file extensions and ended up with a list of 160+ extensions related to scripts, macros, executables, system files, and configuration files. Most applications, security or otherwise, warn/block a very small, arbitrary subset of these extensions. They also exclude some extensions that are often the target of exploits because they are popular formats.

Basically, I am not sure mIRC is the ideal arbiter of what files should be ignored. The files in the "accept" and "ignore" list are just a starting list. The "accept list" is enabled by default with a small number of popular extensions, so ideally users would just add extensions that they want to accept to this list. Using the "ignore list" probably is not a good idea as the list can never be comprehensive. It really is up to the user to decide which files to accept/ignore and to make sure that they have anti-virus/security software installed.

Update: Updated post after more research.