RE: [Declude.JunkMail] EXE files, again!
Anyone have good links? From http://www.sophos.com/virusinfo/whitepapers/prevention.html Block receiving/sending of executable code There is very little need for executable code to be received or sent. In most instances it is also illegal, usually breaching the software copyright. Some people are fond of using self-extracting ZIP files to send compressed data files: for security reasons using statically compressed ZIPs (which need PKUNZIP to be decompressed) is a much better solution. The blocking of executable code transfer is often best achieved on the internet gateway. Unfortunately, it is impossible to detect executable code with 100% certainty by analysing either the file content or the file extension. However, blocking files with executable extensions such as EXE, VBS, SHS etc. contributes to overall anti-virus measures. User education also plays a significant part in preventing infections by executable code received by email: the temptation to install a cute screensaver can be very, very high for a PC user who is not security aware. From http://www.sophos.com/virusinfo/articles/safehex.html Block any unwanted file types at the email gateway. Viruses often use file types such as VBS, SHS, EXE, SCR, CHM and BAT to spread. It is unlikely that your organisation will ever need to receive files of these types from the outside. If this is the case Sophos recommends blocking all of them at the email gateway - whether they are virus infected or not. HTH -B --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] EXE files, again!
Anyone have good links? From http://www.sophos.com/virusinfo/whitepapers/prevention.html From http://www.sophos.com/virusinfo/articles/safehex.html Thanks Bill. I plan on making another web page to go along with this one: http://www.tenforward.com/support/viruspage.php Sheldon Sheldon Koehler, Owner/Partnerhttp://www.tenforward.com Ten Forward Communications 360-457-9023 Nationwide access, neighborhood support! Whenever you find yourself on the side of the majority, it's time to pause and reflect. Mark Twain --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] EXE files, again!
Unfortunately, failure to run AV programs at the client side (as well as at the mail server) has crippled the legitimate sending of .EXE files through email (which we commonly used to do -- our users are unsophisticated and have trouble extracting updates out of their email if zipped first). We violate absolutely zero licenses in our distributions (licensed zip program for creating self-extracting emails). Instead, we have to resort to posting the exe, sending out an email, then walking the user through the download and execution on the phone (sure, we had to talk to them before, but AFTER they downloaded the EXE across their crappy dial-up connection). Trying to explain ZIP files -- forget it, you have to walk them through finding a freeware ZIP program, installing it, possibly rebooting, then unzipping the download and extracting it -- this is why we started using EXE files long ago. I guess the next step in the progress of email is we'll go back to mailing out diskettes (which had the benefit of not having to explain that the EXE and the unzipped files did not BOTH fit on a diskette). Set up an area that your old lady customer can upload her cute EXE files (or document how to use one of the free sites) and set up clear documentation that any 50 year old can follow (not that a kid can follow) on how to link the file in an email. Explain the benefit of not worrying if the receiver's mailbox is full or having to wait when sending the cute file to all her friends for it to be uploaded once per receiver. K Oland -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sheldon Koehler Sent: Wednesday, January 08, 2003 11:44 AM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] EXE files, again! Anyone have good links? From http://www.sophos.com/virusinfo/whitepapers/prevention.html From http://www.sophos.com/virusinfo/articles/safehex.html Thanks Bill. I plan on making another web page to go along with this one: http://www.tenforward.com/support/viruspage.php Sheldon Sheldon Koehler, Owner/Partnerhttp://www.tenforward.com Ten Forward Communications 360-457-9023 Nationwide access, neighborhood support! Whenever you find yourself on the side of the majority, it's time to pause and reflect. Mark Twain --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] EXE files, again!
I have a persitant old lady that is very upset by the fact we do not allow EXE files. She is making greeting cards with MS Home Publisher. I showed her this link on Microsofts site http://office.microsoft.com/assistance/2000/Out2ksecFAQ.aspx , but she is still adamant that it does not pertain to Home Publisher... I tried searching Symantec and a couple other sites looking for a generic page by a major authority that EXE files are a Bad Thing (tm). Anyone have good links? Sheldon Sheldon Koehler, Owner/Partnerhttp://www.tenforward.com Ten Forward Communications 360-457-9023 Nationwide access, neighborhood support! Whenever you find yourself on the side of the majority, it's time to pause and reflect. Mark Twain --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
