> See what I mean? Yes - this problem is well known.
If the unexpected executable contains a virus, the attachment will be blocked/removed. The meaning of this feature is a "super-super-super whitelist" for attachments. And YES - use it with care OR don't use it in doubt! >But what if that vendor is compromised internally or otherwise? This is a matter of trust. Do not open this door for "haphazardly clicking front office persons" ! - the signature is removed, if the Macro content is touched anyway - it is not possible to modify a PDF without loosing the signature/certificate - jar files loosing there signature if modified - the case where an executable is stored in the same compressed file along with a well known good file - hopefully any virus scanner willl catch it - otherwise the recipient should KNOW what do, because the attachment looks different to any ever received from this vendor I'll make some tests for such a scenario. Thomas DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! *******************************************************
_______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test