"Karsten M. Self" <kmself@ix.netcom.com> [2003:10:01:07:17:43+0100] scribed: > on Tue, Sep 30, 2003 at 09:20:25PM -0500, Michael D Schleif (mds@helices.org) wrote: > > "Karsten M. Self" <kmself@ix.netcom.com> [2003:10:01:00:53:46+0100] scribed: > > > on Tue, Sep 30, 2003 at 12:11:16PM -0400, Mike Mueller (linux-support@earthlink.net) wrote: > > > > On Tuesday 30 September 2003 02:05, Karsten M. Self wrote: > > > > > Seems > > > > > like about the only way we're going to get a reasonable handle on this > > > > > barring ISPs refusing to carry executables in email format. > > > > > > > > Hear! Hear! No more attachments - period. I'll settle for elimination of > > > > any known sort of executable though. > > > > > > No. > > > > > > Specifically: executables. Various other mail 'sploits -- there are > > > some header buffer overflows, IIRC affecting LookOut -- exist and should > > > be filtered as well. But specifically, AUPs against transmission of > > > executable content, and concomittant filtering, would serve a useful > > > purpose. There are opaque formats, from zip to tarball to encrypted > > > payloads, which can be used by those sufficiently clueful to handle the > > > task appropriately. > > > > > > MIME attachments of themselves serve many useful functions. There's an > > > awful lot of baby in that bathwater. Starting with the signature on > > > this message. > > > > I agree, up to a point. > > > > What really constitutes an `executable' program -- surely *not* its file > > extension ?!?! > > That's one distinction. Specifically, the set of extensions listed at > > http://www.linuxquestions.org/questions/archive/8/2003/03/4/51848j > > There's also the binary sequence which begins any Microsoft executable. > > For the current task of restricting transmission of viral mail load by > agarware such as Outlook, use of either or both criteria in filtering / > rejecting mail would work. Yes, so long as you limit this to Microsoft operating system executables. My point is that there are dangerous executables out there that are *not* Microsoft-specific . . . -- Best Regards, mds mds resource 877.596.8237 - Dare to fix things before they break . . . - Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . --
Attachment:
pgpkHEqCfjpNB.pgp
Description: PGP signature