[rescue] Notify about your e-mail account utilization.

Steve Sandau ssandau at gwi.net
Wed Mar 17 11:17:53 CST 2004

>>Hear, hear! As the postmaster of my small office, it is nice to be able
>>to look at any suspicious attachments on my SPARC Solaris workstation
>>without worries. I do block windoze executables, but I still (for now!)
>>let zip files through.
> Lots of places let zip files through, which is why you're seeing
> more zip attachments.  Some places do a virus scan on zipped
> attachments, which is why you're seeing files zipped with a password
> included in the text of the message.
> Our IT department recently sent out an email that due to virus concerns,
> files with certain extensions were being blocked and that if you
> needed to email such a file to someone, you should simply change the
> extension to .txt.

At least it requires some connscious effort on the part of a user to get 
  the file. It can't be opened by "accident" as easily. Fortunately, 
that is also true of the recent password-protected viruses. Obviously 
that is indeed done to defeat scanning. Otherwise it's kind of like me 
giving you a box, but for "security's sake" I have locked it and taped 
the key to the top of the box...

I use something called Inflex to examine email attachments. It looks at 
the magic number (?) of the attachment. Regardless of the name, it 
blocks anything executable by Windows. I don't know if it is as smart 
with zipped files or not. I hope so, but there are several different 


More information about the rescue mailing list