[rescue] Re: NetApps

Dave McGuire mcguire at neurotica.com
Thu Apr 8 10:48:13 CDT 2004

On Apr 8, 2004, at 11:39 AM, Phil Stracchino wrote:
>> I do not allow any *.zip files through our mail servers and i'm
>> able to keep my job just fine.  Please enlighten me with your
>> proposed solution to the problem?
> I think the issue here is, "We're worried about viruses and trojans, 
> but
> we're not going to bother actually SCANNING attachments, we're just
> going to block anything that has a .zip extension without bothering to
> check whether the filetype actually matches the extension or not, so if
> you want to trivially defeat our pathetic excuse for a security 
> measure,
> just rename your .zip file to .scr or something."

   This does indeed suck.  It's a bandaid on top of a bandaid on a 
problem...the problem of course being that...



Dave McGuire          "PC users only know two 'solutions'...
Cape Coral, FL          reboot and upgrade."    -Jonathan Patschke

More information about the rescue mailing list