 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
"David Backeberg" <dave at math.mit.edu> wrote: >> - Reject binary MIME attachments, especially zip/pif/exe. > > I can understand doing this for a personal server, but an amazing number > of people use zips for legitimate file transfer. ... The one time I ever infected my own Windows PC with a virus was a year or two ago, when I carelessly clicked on a zip file sent to me in an innocuous-looking message. Somehow the virus program itself started, I'm not sure how, but there is apparently a way for a zip file to auto-execute its contents before they can be inspected. Lesson learned, one that I hope others learn the easy way. If I were running my own ISP or commercial email service today, I would block zip files by default (allowing the subscribers to override this in their subscriber configuration page), and provide some other convenient method for correspondents to transfer data securely. The rejection message for zip attachments would point to a URL describing this method. As you point out, even at large sites where lots of legitimate use of Windows zip attachments is done, the overwhelming majority of zip attachments sent over SMTP port 25 are bandwidth-hogging virii. -rich
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
