Curt Purdy <[EMAIL PROTECTED]> wrote: > ... dropping all non-priority [not named .dps] attachments ... > If anyone gets ugly who happens to know the priority extension, > the AV gateway will get it anyway.
Will get it, maybe, as well as until now. Maybe, because some (broken) AV refuse to look at "randomly named" (e.g. non-EXE) attachments. As well, or as badly, as until now, because AV does not "get" malware not yet in its database; it never gets the new viruses, only the "boring old" ones. Your arrangement may offer some protection from the deluge of common viruses (allowing bits of each message through, instead of dropping them altogether: still annoying to your users). However, it does not increase your security (in the sense that you are still vulnerable to directed attacks). Since your arrangement protects against some attacks, and does not decrease security, it may be useful in some environments. Cheers, Paul Szabo - [EMAIL PROTECTED] http://www.maths.usyd.edu.au:8000/u/psz/ School of Mathematics and Statistics University of Sydney 2006 Australia _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
