Scott, It seems that social engineering will be play a huge part in future viruses (already seen it will passwords listed in body of encrypted zips), what are your thoughts on the following:
I have recently saw a bounce message that contained the recent Bagle.aq virus that contained the following words in the body. "Due to the nature of the current virii, we are stripping Microsoft .zipattachments. To send these, please rename the extension to .piz by rightclicking and using rename file. Let the recipient know to change it back to.zip and it should get past." Is it possible to build in some parameter that allows for banning all extensions, except some listing that is provided within the config file? However, keeping the functionality of blocking file extensions within compression files. I know this is most likely a huge undertaking, however, if I look back over my conversations with some of my users and them wanting to send some much needed exe (or the like) file through inside a zip, and my response is rename the extension to something other than .zip and send it and let the end user know to alter it back. I can't help but imagine the virus writers will social engineer something soon to do the same. Thanks for the time. Keith --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.