On Thu, 10 Jun 2004, Henry House wrote:

[...]

> 2. Zip attachments
> 
>       I am also rejecting all zip files. This has so far been fine, since all
>       zip files received for the last few months have been viruses. But surely
>       there is a better way, other than blocking based on known virus
>       signatures. Perhaps accepting zipfiles from people who have previously
>       send us mail, but not from random senders. But how to do that? Can
>       patterns be made conditional on the sender's address using buildin
>       postfix mechanisms or do I need an external scanner like SpamAssassin?

Whitelisting is only another stopgap in this day of zombie spam sources.

>       I usually ask people to send tarballs instead of zipfiles. Can popular
>       DOS compression programs create tarballs?

Yes, some do, but I wouldn't recommend telling people they should create
them, because they don't handle newline conversion and they don't
encourage tarring up a single directory, as is the custom in the Unix
world, so you'll get splatted when you untar them.

---------------------------------------------------------------------------
Jeff Newmiller                        The     .....       .....  Go Live...
DCN:<[EMAIL PROTECTED]>        Basics: ##.#.       ##.#.  Live Go...
                                      Live:   OO#.. Dead: OO#..  Playing
Research Engineer (Solar/Batteries            O.O#.       #.O#.  with
/Software/Embedded Controllers)               .OO#.       .OO#.  rocks...2k
---------------------------------------------------------------------------

_______________________________________________
vox-tech mailing list
[EMAIL PROTECTED]
http://lists.lugod.org/mailman/listinfo/vox-tech

Reply via email to