[unisog] Phishing targeting University Admissions

Christopher A Bongaarts cab at tc.umn.edu
Wed Jun 16 23:02:09 GMT 2004


In the immortal words of Guy Reisenauer:
> 
> There is another solution to outright banning "data" extended files such
> as zips, rtf, etc.  Anomy-sanitizer and other server level software can
> "defang" them by renaming the file.  The advantage is the user actually
> gets the file.  They have to take steps to open the program and the
> data file as opposed to having it done automatically for them.
> Either rename the file to open, or open the appropriate program and locate
> the file.  The user takes the explicit action.

The downside of this is, if you ever want to get into secure email, it
breaks digital signatures.

We've found that our spam blocking (especially DNSBLs that block
dynamic IPs and open relays/proxies) helps cut down on a lot of the
e-mail virus/work junk coming in.

%%  Christopher A. Bongaarts  %%  cab at tc.umn.edu       %%
%%  Internet Services         %%  http://umn.edu/~cab  %%
%%  University of Minnesota   %%  +1 (612) 625-1809    %%



More information about the unisog mailing list