> > Yeah... Why strip them? Why not just
> reject the whole thing
> >right back into the face of the sender. If they
> did it intentionally,
> >maybe they'll find another way. If they did it
> because of an infestation,
> >maybe that's the fastest way to let them know.
>
> OK. But is there a way to bounce email with just
> certain file type
> attachments ? We use attachments a lot for
> transferring data. I have no
> problem if someone wants to send a text attachment,
> but I want to block any
> sort of active content.
You could build a confirmation scheme like the one
that this list uses, sending the originator of any
mail with active content a message requiring a
confirmation of some sort, e.g. a message with a
randomly generated key in the subject.
This would stop most iloveyou-like viruses, and would
not prevent a user from receiving a "good" .EXE from
outside. And it would not require a manual inspection,
that could delay an important file for several days.
But... this would not prevent a malicious outside user
from sending an unsuspecting insider a "bad" .EXE. It
would just stop viruses, and only until the viruses
learn how to understand the confirmation request.
should i say "here's my two cents"? BTW, and
completely off-topic, what does it mean? - english is
not my native language...
Carlos Mor�n
__________________________________________________
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
