[rescue] Re: NetApps
Dave McGuire
mcguire at neurotica.com
Thu Apr 8 10:48:13 CDT 2004
On Apr 8, 2004, at 11:39 AM, Phil Stracchino wrote:
>> I do not allow any *.zip files through our mail servers and i'm
>> able to keep my job just fine. Please enlighten me with your
>> proposed solution to the problem?
>
> I think the issue here is, "We're worried about viruses and trojans,
> but
> we're not going to bother actually SCANNING attachments, we're just
> going to block anything that has a .zip extension without bothering to
> check whether the filetype actually matches the extension or not, so if
> you want to trivially defeat our pathetic excuse for a security
> measure,
> just rename your .zip file to .scr or something."
This does indeed suck. It's a bandaid on top of a bandaid on a
problem...the problem of course being that...
EMAIL IS NOT A FILE TRANSFER MECHANISM.
-Dave
--
Dave McGuire "PC users only know two 'solutions'...
Cape Coral, FL reboot and upgrade." -Jonathan Patschke
More information about the rescue
mailing list