[rescue] Notify about your e-mail account utilization.
Steve Sandau
ssandau at gwi.net
Wed Mar 17 11:17:53 CST 2004
>>Hear, hear! As the postmaster of my small office, it is nice to be able
>>to look at any suspicious attachments on my SPARC Solaris workstation
>>without worries. I do block windoze executables, but I still (for now!)
>>let zip files through.
>
>
> Lots of places let zip files through, which is why you're seeing
> more zip attachments. Some places do a virus scan on zipped
> attachments, which is why you're seeing files zipped with a password
> included in the text of the message.
>
> Our IT department recently sent out an email that due to virus concerns,
> files with certain extensions were being blocked and that if you
> needed to email such a file to someone, you should simply change the
> extension to .txt.
>
At least it requires some connscious effort on the part of a user to get
the file. It can't be opened by "accident" as easily. Fortunately,
that is also true of the recent password-protected viruses. Obviously
that is indeed done to defeat scanning. Otherwise it's kind of like me
giving you a box, but for "security's sake" I have locked it and taped
the key to the top of the box...
I use something called Inflex to examine email attachments. It looks at
the magic number (?) of the attachment. Regardless of the name, it
blocks anything executable by Windows. I don't know if it is as smart
with zipped files or not. I hope so, but there are several different
types...
Steve
More information about the rescue
mailing list