on Tue, Sep 30, 2003 at 12:11:16PM -0400, Mike Mueller (linux-support@earthlink.net) wrote:
> On Tuesday 30 September 2003 02:05, Karsten M. Self wrote:
> > Seems
> > like about the only way we're going to get a reasonable handle on this
> > barring ISPs refusing to carry executables in email format.
>
> Hear! Hear! No more attachments - period. I'll settle for elimination of
> any known sort of executable though.
No.
Specifically: executables. Various other mail 'sploits -- there are
some header buffer overflows, IIRC affecting LookOut -- exist and should
be filtered as well. But specifically, AUPs against transmission of
executable content, and concomittant filtering, would serve a useful
purpose. There are opaque formats, from zip to tarball to encrypted
payloads, which can be used by those sufficiently clueful to handle the
task appropriately.
MIME attachments of themselves serve many useful functions. There's an
awful lot of baby in that bathwater. Starting with the signature on
this message.
Peace.
--
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
A guide to GNU/Linux backups:
http://kmself.home.netcom.com/Linux/FAQs/backups.html
Attachment:
signature.asc
Description: Digital signature