Functionality: Receiving files - mIRC-scripts/dlFilter GitHub Wiki

One of the biggests security risks with mIRC is that mIRC's file transfer process works by other users sending you files rather than by you getting them from other users. (The process may appear to be a "Get" process when you issue a trigger to get a file, but under the covers this is simply a request for the server to send you a file.)

Yes - there are security measures in mIRC to try to control unsolicited sends, but these are optional and even if you have them set, then it is still possible for you to be fooled into accepting a malicious file.

As an example, suppose you request a file from user Server1 with a trigger !Server1 MyGame.exe - you send this request in the channel where anyone else in the channel can see you send it. Another user Serverl (spot the difference - a lower-case L instead of the numeric one) watches for requests like yours and before Server1 can reply they send you a file MyGame.exe. Yes, if your mIRC options are ok, then you might get a pop-up security box asking you to Accept the file, but most people would not spot the difference. They might then get an identical looking pop-up when Server1 tries to send you the file as well, but you might click Cancel on that one thinking it was a duplicate.

dlFilter's firewall attempts (as best it can) to prevent this from happening. When you issue a file request with one of the following methods, it logs that request:

  • @ trigger such as @searchxxx file name or @Server to get a list of files
  • ! trigger such as !Server file name.doc

Then when a server attempts to send you a file, it matches the server name and the name of the file against the requests you have made, accepting the file if you have requested it and blocking it if not:

  • @ triggers
    • server name must match trigger
    • file name must contain server name
    • file extension must be txt, zip or rar
  • ! triggers
    • server name must match trigger
    • file name and extension must match request

In addition, an extensive list of dangerous files extensions are blocked.