[Dshield] Password protected Bagle.F
Jon R. Kibler
Jon.Kibler at aset.com
Tue Mar 2 15:08:55 GMT 2004
John Hardin wrote:
> Why would I want to accept a zipped executable file attachment from some
> random user on the Internet at large, whatever it may be named? In the
> majority of cases such messages can be automatically quarantined or
> discarded outright.
> ... If for some reason I want to be able to receive
> (zipped) executable attachments from the world at large, I will set up a
> special account that accepts them, and only that account will accept
> them, and messages in that account will get special scrutiny.
I couldn't agree more. The problem is that our views are in the minority.
If we receive an email with an attachment, we quarantine the attachment
and replace it in the email with a URL to the quarantined file and a
stern warning to the recipient that they were sent an unsafe attachment
of unknown contents and it would be exceedingly dangerous to open this
attachment unless the recipient was expecting it and knows in advance
what are its contents. A notification is also sent to our mail admin who
will hopefully have a chance to examine the attachment before someone
decides to open in.
Jon R. Kibler
Chief Technical Officer
Charleston, SC USA
Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.
More information about the list