[Dshield] smart spam
lsaplai at megassistance.com
Fri Mar 25 01:30:54 GMT 2005
On 23 Mar 2005 at 19:31, Taps wrote:
> => It is probably not new to some/most of you but I find some
> => spammers are getting smarter! Fortunately, (1) the "harmful"
> => content of the message was simply a .gif ad, (2) I am
> => displaying the text version of the message by default (If
> => there is one) and (3) I (and all my office) am using a mail
> => client that is imprevious to any kind of malware (Pegasus
> => Mail from David Harris). However, some less fortunate
> => persons could have found themselves stacked by malware right away.
> Umm..... I would never tout any product "as impervious". Its just
> asking for trouble.
Thanks for your comments Taps.
I know about this one, I did it "on purpose". Of course there are situation that will crash
Pegasus (there's a nasty gif image that tends to crash the current version. This is
apparently fixed in the next release) and somebody might be able to design malware
targeting it (There was a virus a few years back that was using a design flaw, but
nothing major and it was quickly fixed). However, Pegasus is safe in the sense that it
will not execute anything automatically: it is simply not designed for that. So any virus,
malware, script... that is received will simply sit there until the user takes an action.
There are a whole bunch of extensions that Pegasus would simply refuse to launch.
The user would have to save to disk and launch from there. Furthermore it will not
download any component (linkded images...) from the Internet without a specific
request from the user and then it will only do it after a lengthy warning.
So, of course it is not impervious but it is fairly safe, as long as your users behave
It is part of my policy to implement application that have a good reputation in terms of
security. I do not feel that I am trading off for ease of use in any way. I just try to keep
application where they belong: restricted to the desktop, to the LAN or allowed to go on
the Internet (web browser and anti-virus update only). It works well for us.
More information about the list