On Mon, 2002-08-19 at 20:48, Rob Brown-Bayliss wrote: > Does it block all executables? A bit of a pain if some one is trying to > send you something usefull?
I use the Procmail Sanitizer, and it blocks anything with an executable extension (exe/pif/scr/bat/cmd, etc.). If someone needs to email an executable, they can zip it first, or put it up on a web or FTP server. The main objective is to stop moron Windows users from double-clicking viruses to life. There's also a nasty Outlook exploit that uses the iframe tag to launch an executable just by viewing the message in the preview pane. I see a lot of those. Alas, executables can often travel with mutilated names (for instance, trailing spaces and dots, or encoded 8-bit names) that Windows can gratuitously "fix", so that the file gets past naive name-based filters. Defense in depth is called for. Block dangerous filenames, run AV software, and outlaw the most-frequently targeted MUA's from the company network. _______________________________________________ evolution maillist - [EMAIL PROTECTED] http://lists.ximian.com/mailman/listinfo/evolution
