Hi! On Tue, Aug 10, 2010 at 8:33 AM, Noel Jones <njo...@megan.vbhcs.org> wrote: > On 8/10/2010 2:59 AM, Jacqui Caren-home wrote: >> >> Udo Rader wrote: >>> >>> On 08/07/2010 05:40 AM, Dennis Carr wrote: >>>> >>>> On Fri, 6 Aug 2010, junkyardma...@verizon.net wrote: >>>> >>>>> See Zip Attachment >> >> I assumed this was a infection generated zip file... >> I certainly had no intention of looking at it and from the >> email profile it would have been bounced by work systems as >> "too risky". >> >> Q: Does *anyone* post zip files to this mailing list? > > Yes, zip files are allowed on this list and are not terribly unusual. > > But if the entire description is something like "check this out", only the > most foolish^Wadventurous will actually open them.
Yes, it is better to describe your zip file, so that people feel more comfortable, and off course, to allow people to decide whether or not they need to open it (maybe someone is just not interested). > > >> >> I see no reason why anyone would want to as most sensible >> folks tend to upload code and log snippets to an ftp/web site >> and provide a link. > > On this list it's customary to post log snippets and code references in-line > so people trying to help don't have to search all over to find needed > information. Large attachments -- such as a tcpdump recording -- are > frequently zipped; nothing wrong with that. > > But the original announcement from this thread should have been a > description of the project purpose, with a link to more information and the > code. I believe that just a description, and the intention of posting it here: want an opinion, want to get it included with postfix, who knows! > > >> >> So would it be sensible/possible to reject any list posts that >> include zip/bin/exe/scr/pif/... attachements? > > Your server, your rules; reject whatever you want. Postfix announcements > will be text-only, so you are unlikely to miss anything terribly important. > But zip files are not always evil. I personally doesn't reject any type of file, but *do* run anti-virus, and any infected files are removed, but that's me, there are sites that want everything filtered! (no exe, no zip, no rar, no tar, no pif, no com (who use .com files today?)), but there is a time when they receive a virus in the format of, say, a text string that exploits a bug on the video driver! (I think this actually happened in the past), so, all of that filtering for nothing. I find it foolish to start filtering everything, just because a small rate of that kind of file *may* be evil: it is like if you don't allow people go to your office with laptops, because they can hook-up to your network and steal information from your intranet (if you want to prevent this, authenticate network ports with 802.1x or something like that, don't use wifi, and off course, secure your intranet's servers!). Sorry if part of this gets off-topic, but this kind of discussion is always interesting. > >> >> Jacqui > > > -- Noel Jones > Ildefonso
