[rescue] Re: NetApps
Phil Schilling
phils at gcstech.net
Thu Apr 8 16:03:48 CDT 2004
On Thu, 8 Apr 2004 11:48:13 -0400
Dave McGuire <mcguire at neurotica.com> wrote:
> On Apr 8, 2004, at 11:39 AM, Phil Stracchino wrote:
> >> I do not allow any *.zip files through our mail servers and i'm
> >> able to keep my job just fine. Please enlighten me with your
> >> proposed solution to the problem?
> >
> > I think the issue here is, "We're worried about viruses and
> > trojans, but
> > we're not going to bother actually SCANNING attachments, we're
> > just going to block anything that has a .zip extension without
> > bothering to check whether the filetype actually matches the
> > extension or not, so if you want to trivially defeat our pathetic
> > excuse for a security measure,
> > just rename your .zip file to .scr or something."
>
> This does indeed suck. It's a bandaid on top of a bandaid on a
> problem...the problem of course being that...
>
> EMAIL IS NOT A FILE TRANSFER MECHANISM.
>
One of my Newspaper office clients called the other day because
Postfix was refusing to send her email to the main office. It kept
telling her that it was too large to send. 30mb worth of attachments.
I gently reminded her that is why we have the ftp server.
Phil
--
Phil Schilling
GCS Tech
--
Phil Schilling
GCS Tech
More information about the rescue
mailing list