On Tue, 13 Mar 2018, Bill Cole wrote:

On 13 Mar 2018, at 14:21 (-0400), John Hardin wrote:

d) Don't accept emails from outside your organization that link to hosted documents. The document needs to be attached, so that it can be scanned. Unfortunately this is not feasible if you're not a (at least semi-)monolithic organization where you can apply such policies.

Also not feasible if any users subscribe to this list or most technical discussion mailing lists. For example, here you are likely to get links into the SA Wiki or to KAM's rules. On the Postfix list it is a rare week that does not have multiple links to the DEBUG_README file posted.

I don't count a plain text file as a "document" in this context.

The example provided was apparently to a directory (URL ending in '/') but redirected to a .doc.

This of course is the weakness with that option.


--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhar...@impsec.org    FALaholic #11174     pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  The problem is when people look at Yahoo, slashdot, or groklaw and
  jump from obvious and correct observations like "Oh my God, this
  place is teeming with utter morons" to incorrect conclusions like
  "there's nothing of value here".        -- Al Petrofsky, in Y! SCOX
-----------------------------------------------------------------------
 Tomorrow: Albert Einstein's 139th Birthday

Reply via email to