On Mon, 14 Aug 2006, Robert Nicholson wrote: > You are failing to understand my point. > > To me any message that has a .exe attachment is spam.
I understand you completely. You have internalized "bad email == spam". There are more nuances than that - bulk unsolicited commercial solicitations and email worms are different abuses of the email system, and the approaches to dealing with them properly and reliably are different enough that it's better to use separate tools to do so. > That's just how I work because I'm on a Mac therefore I'd like to > use check_microsoft_executable who's job it is to bump up the > score if there's an executable attachment. The problem right now > is that > > 1. this check is handled by the antivirus plugin. it probably > shouldn't be as bumping the score because there's an attachment has > nothing do to with anti-virus checking. > > 2. the check isn't thorough enough because it doesn't consider > other content-types whereby people hide executable attachments. *that* is the problem. Expecting SA to verify the MIME type of an attachment that is NOT used for delivering a commercial solicitation dilutes its focus on effectively filtering commercial solicitations. It's as wrong as trying to make an email virus filter try to behave as though unsolicited bulk emails were viruses. > Therefore. I don't care whether SA is an anti-virus tool or not > it's completely irrelevant to me. That's the view I would expect of an end user, not an administrator. Granted you've never claimed that you are an administrator. I hope that I've not offended you, I'm just trying to suggest that there are better and more appropriate alternatives to achieve what you seek. > >> SPAM is not always the same for everybody. > > > > Sure it is. Spam (please don't capitalize the entire word - Hormel > > gets annoyed) is Unsolicited Bulk Email. > > > >> In my case anything with .exe is SPAM because nobody will send me > >> a .exe > > > > Calling a worm "spam" does not make it spam. -- John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/ [EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- The fetters imposed on liberty at home have ever been forged out of the weapons provided for defense against real, pretended, or imaginary dangers from abroad. -- James Madison, 1799 -----------------------------------------------------------------------
