* Milen Petrinski <[EMAIL PROTECTED]> writes:
>> Thus spake [EMAIL PROTECTED] ([EMAIL PROTECTED]):
>> > I've been thinking of a scheme in which attachments of certain
>> > "dangerous" types get mangled, such that the filenames or types are
>> > intentionally misdeclared. So the user ends up with a plain base64
>> > text file, which is meaningless, but which he can trivially decode
>> > to the original.
>>
>> While this sounds good, it does not solve the problem. This is about
>> shifting the blame, not solving the problem, which is that users run
>> insecure operating systems.
> People will allways use Windows, no matter what the sysadmins say. The
> "lusers" want buttons, F1 and plug'n'play.
They don't want F1. That's one of the problems.
> The problem is not the OS security - most of the times there is no
> choise.
Look, when I was in larval stage, nobody got fired for buying IBM and WP
hat 90% of the market. There was "no choice". Or was there?
Now it's basically the same. Linux is here to stay and Unix is gaining
an ever stronger foothold in the server market. The next big thing will
be "thin clients" or WebTV or whatever - client/server in any
case. There *will* be choice.
> The man askes for an antivirus softwere, not for compare between OSes.
The man is perpetuating a problem, not trying to solve it. Dealing with
company email is not a software thing, it's a matter of your Acceptable
Use Policy". Ours clearly states that opening mails from an unknown
source is a reason for being dismissed. It's as easy as that. Granted,
spoofing an address is not that difficult, but such an AUP makes people
/think/ - that's worth more than 500 virus scanners. Remeber ILOVEYOU?
No virus scanner on earth would have prevented that. And as long as
there is closes commercial software (read: Windows), there will be
security exploits by the dozen.
Anyway - it's not a mailserver thing, so reply-to set.
--
Robin S. Socha <http://socha.net/>
