[unisog] Dropping executables - who does it?

Russell Standish R.Standish at unsw.edu.au
Tue Feb 3 00:10:44 GMT 2004


Why not simply change the mime type to application/data? I would take
the attitude that no email should be executable, but that people may
legitimately want to send an executable file to someone as data. If
the attachment was marked as application/data, the user can only save
the executable - they would have to deliberately run the executable,
and at some point we have to assume users know what they're doing.

On Mon, Feb 02, 2004 at 01:01:13PM -0500, Thomas DuVally wrote:
> With the fun we are all having with viruses, we are wondering how many
> institutions are just dropping executable attachments all together. 
> It's something that I know a lot of virus/mail gateway software can do,
> but are a lot of schools doing that?
> 
> We have a policy to try and deliver as much as possible, but I think we
> are coming up against the practicality of having to protect users. 
> Anti-virus companies can create defs pretty fast, but mydoom still
> infected thousands of machines worldwide before they were available. 
> Dropping executables (exe, com, pif, scr, bat) would have been better
> insulated us, if not protected (zip).
> 
> Anyone doing that?
> 
> -- 
> Thomas J. DuVally
> Lead Systems Prog.
> CIS, Brown Univ.
> 
> GPG fingerprint = FB59 8265 0865 0CB8 94B5 FC26 F573 F09C 15F2 33F6



-- 


----------------------------------------------------------------------------
A/Prof Russell Standish            	 Director
High Performance Computing Support Unit, Phone 9385 6967, 8308 3119 (mobile)
UNSW SYDNEY 2052                     	 Fax   9385 6965, 0425 253119 (")
Australia            			 R.Standish at unsw.edu.au             
Room 2075, Red Centre                    http://parallel.hpc.unsw.edu.au/rks
            International prefix  +612, Interstate prefix 02
----------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20040203/229f3110/attachment-0003.bin


More information about the unisog mailing list