On Fri, 2003-01-24 at 22:47, jdow wrote: > From: "Craig White" <craigwhite@azapple.com> > > > On Fri, 2003-01-24 at 18:09, jdow wrote: > > > From: "Guy Fraser" <guy@incentre.net> > > > > > > > Some people actualy get mail from sources outside of these lists for > work. > > > > > > There IS an advantage to gray hair. I get to play Palace Guru to the > company > > > masses. For email I strongly recommend to management that documents > should > > > be zipped and attached that way rather than sent as the actual messages. > It > > > gives better email safety since it allows you to setup a filter that > looks > > > for RTF and DOC and other formats - and corrupt the messages so they do > not > > > get displayed or worse RUN. No viruses seem to get through that. > Fetchmail-> > > > Procmail=>SpamAssassin->other filters->mailbox is a powerful tool for > the > > > filtering operations. > > > > > ------ > > OK - for my higher learning, I have never heard of this being done > > before. Is there a link that describes how/when this could possibly > > happen? > > Which this? There were several in that message you quote. Automatically > spreading viruses is possible with html email. Many email readers preview > the email and at that time open all the attachments for proper display. If > everything is in a zip file then there is nothing that will get > automatically > opened and executed. That makes abominations like Outlook safer. The bozoid > user has to actually open the zip file and then manually execute before > there > is a danger from a virus. There's no danger during reading mail when a next > message that used to contain a virus, something not .zip encapsulated, is > previewed after it is massaged so that the html does not translate. That is > what I referred to at the end. You can easily 'destroy' mime encapsulation. > (Personally I prefer that method as it strongly encourages zip attachments > rather than inline anything. It is "theoretically possible" to take the > elements of a mimed message and repackage them into a zip, remime the > message > and place it in a mailbox. It might be worth someone's effort to do this.) --- Sorry, I thought what you were saying was that someone would enclose say a word document and it would get infected in route, that being the reason that it was better to zip the file. If the file weren't infected with a virus, it would make no difference if it were zipped or not. If it were infected with a virus, it wouldn't make a difference to the email application either. The only time the Microsoft mail products were vulnerable is when a self executing script were attached. Microsoft actually has had patches to stop this behavior for years, likewise, the anti-virus programs 'if up-to-date' should stop this behavior. The Microsoft Mail programs now (finally) ship with this behavior stopped by default. I don't mean to get into a discussion of Windows mail client and virus behaviors on this forum. From your last message, a bozoid user is gonna get infected by a virus whether via email or zipped attachment so I see little difference. I thought that you were going to educate me on some newer method of transmitting virii via email but I see now that you are talking about activity that was typical 2 or more years ago that should be arrested by other methods. Craig -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
