Matt wrote:
I may be in the minority here but I strenuously object to the "banned extensions" methodology. Especialy when implementing outside of the SMTP layer.Steffen Heil wrote:
For example, I DO have dnsblacklists, helo string checking, mime checks,
clsid extension checks, empty and to large boundary checks, verify
sender domain and soon some callout-checks in front of clamav.
However, some mail should get delivered and those should be checked,
right?
The helo checks, blacklists and other sender/client checks are just generalisations for any type of junk email. They are not the ones that I was including in that assessment.
The main types of checks that should be done are regarding the composition of the emails. For example, the ones you mention above, clsid and boundary checks, will stop a proportional amount of virus mails from getting any further. Then there are others, like iframe, executabl
For a service provider its a hassle for their customers. An internal corp. may be able to inflict such abuse on its users, but not an SP.
For that matter, thanks to MS new outlooks "You cant open this attachement if your life depended on it (except if you hack the reg for each and every one -- but if you trash your machine your sol)" security misfeature, is now a pain in the neck to email anything usefull to a windows/outlook user. You send it, you go on your merry way, you (maybe) hear back "I cant open it" "Send it again" "What are you talking about".
Just wait till zips become a banned extension.
What are we going to do when users become accustomed to renaming attachments back to the proper form? Make them click an extra ok button?
And for those who say "but they wont do that?" -- password protected zips?
Aggressive blacklisting is the answer. People who send you viruses should get blacklisted semi-automatically.
Now you dont even have to enter the DATA stage when they come knocking again.
Joe
------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
