I am exposing a WCF service which allows a third party to upload files. It has been open until now as to what files you can upload as this is the first phase, but for phase two I might have to increase security.

Is there an easy way in C# of verifying that a file is firstly not an exe, and that the file contents matches the extension?

I have logged the files that people have uploaded, and the first handful of bytes, and so far have come up with some info like this,

pdf 25 50 44 46 2D 31 2E
jpg FF D8 FF E0 00 10 4A 46 49 46 00 01
doc D0 CF 11 E0 A1 B1 1A E1 00 00 00 00 

etc. Is it a fixed number of bytes that determine what file type it is? Also is there a list of this type of data around.

Do I need to take the data I collect above and roll my own C# code to check the file, or are there existing libraries or code samples that do what I am after?