[Dshield] Delayed Attachment Delivery?

Christophe Rome asrgchr at yahoo.com
Tue Mar 2 14:13:45 GMT 2004


Shawn Cox <shawn.cox at pcca.com> wrote:From: "Shawn Cox"

To: "General DShield Discussion List" 

Subject: Re: [Dshield] Delayed Attachment Delivery?
Date: Mon, 1 Mar 2004 09:53:18 -0600

> You can scan all day recursively through a .zip file
> but if you haven't
> gotten a virus signature from your vendor you are 
> just going to pass the
> virus right through your gateway.

Exactly!

Not long ago we were pretty safe stopping all
attachments except .zip at the mail gateway. We asked
all senders to include only zip files. Our end-users
in NT wouldn't be able to directly open the .zip
attachments by double-clicking. They had to manually
open them by using winzip. They would know what they
were doing. But today, while running these XP clients,
opening .zip attachments happens by simple
mouse-click.

What's the next step? Delaying 'suspicious'
attachments doesn't seem smart businesswise. Do we
really need to block all attachments coming in through
e-mail and find another way to get these important
files reach our end-users? 

Any suggestions?

Christophe.

__________________________________
Do you Yahoo!?
Yahoo! Search - Find what you’re looking for faster
http://search.yahoo.com




More information about the list mailing list