"Theodore Y. Ts'o" wrote:
> the more sympathy I have towards those who've argued for
> simply filtering all messages that orignated from Microsoft MUA's (which
> would also solve the problem), although arguably that penalizes the
> wrong set of people --- the users, instead of the idiots who wrot
At 07:55 04/01/2001 -0500, Michael Richardson wrote:
> Of the subset that can process PGP, a very small number can actually
>process multipart/signed. I have never got mailcrypt.el to do it,
>the Euroda and Outlook PGP plug-ins don't do it. The only ones that I know do
>it are PINE, ELM and EXM
On Thu, 04 Jan 2001 09:40:41 MST, Vernon Schryver <[EMAIL PROTECTED]> said:
> It would be more of a 21st century something to have the IETF join
> Microsoft in equating authentication (e.g. signing) with authorization
> (e.g. who gets to run programs on your computers). However, "solution"
> is
Michael Richardson <[EMAIL PROTECTED]> writes:
> Sending of IDs to the WG lists is a terrible practice.
Sending short IDs to WG lists or longer IDs in parts as the WG goes over
them results, in my experience, in more detailed and easier to follow
comments than pointers. YMMV. It's not approp
> From: "Matt Crawford" <[EMAIL PROTECTED]>
> > Please point to an example of a useful multipart message seen in
> > this list or that might someday be useful in this mailing list.
>
> I have sent to wg lists a multipart containing a preamble and an
> internet-draft or similar file. This makes i
> From: Jon Crowcroft <[EMAIL PROTECTED]>
> i'd prefer to see us develop a more 21st century solution
>
> first, we should register mime types that we DO allow on a list
>
> second, if someone must send an executable attachment , then we have a
> signing server that signs the attachment as trust
each recipient chooses mailserver to subscribe whose sig
you trust i.e. a distributed, heteroegenous system.
for exampl,e i dont really care about windows viruses in my mail since
i read mail on a unix system, so i would subscribe to a listserver
that signed windows executables and visual ba
> second, if someone must send an executable attachment , then we have a
> signing server that signs the attachment as trustworthy
and how, and using what criteria, would the signing server evaluate
the trustworthiness of the attachment?
e.g. I might consider an attachment that installed NetBSD
The fact that very few can/do create/verify multipart/signed email is
mostly a statement on the extremely sad state of security on the
Internet; to which I guess I'm contributing by not signing my mail :-(
The use of authenticating tehcnology (even if it is just to
authenticate that two messages
On Wed, 3 Jan 2001, James M Galvin wrote:
> I think this discussion needs to separate at least two distinct issues.
>
> 1. Should the IETF elist messages be scanned for viruses?
>
> 2. Should the IETF elist restrict the type of content that can be
>submitted?
Bear this in mind when you say
This distinction between filtering content and virus scanning is
confusing because they are not the same thing.
To choose to filter content (restrict it to text/plain or some other
limited set) would be changing the policy of this elist. That is more
than an operational decision and probably des
> Please point to an example of a useful multipart message seen in
> this list or that might someday be useful in this mailing list.
I have sent to wg lists a multipart containing a preamble and an
internet-draft or similar file. This makes it easy for recipients to
save the draft as-is. Someti
fwiw, ietf+censored currently has the following set of filters in taboo_body:
>/^Antigen for Exchange found/
>/^Virus Notification: A virus has been detected/
>/^Antivirus Utility for Exchange found .* infected/
>/^Content-Type: application\/x-msdownload/i
the last one is ONLY included because I
> "hardie" == hardie <[EMAIL PROTECTED]> writes:
hardie> Example:
hardie> A multipart/signed message containing a pgp signature known to
hardie> some/all members of this list. As, for example, the ietf registrar pgp
hardie> signature (see http://www.ietf.org/ietf-registrar.
> "James" == James M Galvin <[EMAIL PROTECTED]> writes:
James> On the other hand, I think it's a feature to be able to send documents
James> (even text-based documents) as attachments as opposed to inline and I
James> further consider it a feature that Internet Draft announcements
In message <[EMAIL PROTECTED]>, Francis D
upont typed:
>>Vernon, I fully agree with you: there is no reason to get multipart
>>messages in technical discussion mailing lists. Even if your solution
>>seems drastic this is the way we should go.
i'd prefer to see us develop a more 21st century
Vernon, I fully agree with you: there is no reason to get multipart
messages in technical discussion mailing lists. Even if your solution
seems drastic this is the way we should go.
Thanks!
[EMAIL PROTECTED]
On Wed, 03 Jan 2001 23:57:53 -0500 (EST), you wrote:
>1. Should the IETF elist messages be scanned for viruses?
This would require that appropriate virus detection software exist in
the environment that the mail list is operated.
Are you aware of eg an Acorn Archimedes virus scanner that runs i
Date:Wed, 03 Jan 2001 23:57:53 -0500 (EST)
From:James M Galvin <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Aside from what Donald said...
| In addition to better managing resources on the server side I consider
| it a service to the subscribers.
I don't.
> Date: Wed, 03 Jan 2001 17:50:03 -0500 (EST)
> From: James M Galvin <[EMAIL PROTECTED]>
>
> I think it would be a mistake for the IETF to try to get into the
> business of protecting mailing list subscribers from virses.
>
> I'd sure like to understand your motivation for this
I think this discussion needs to separate at least two distinct issues.
1. Should the IETF elist messages be scanned for viruses?
2. Should the IETF elist restrict the type of content that can be
submitted?
Personally I think it would be a great service to the community to scan
messages for
> The first step would be for everyone to be aware if they have received,
> opened (duh) and thus are sending out a virus.
the first step would be for everyone to stop running mail user agents
that automatically open potentially harmful attachments.
the second step would be for the manufacturers
RJ Atkinson wrote:
>
> At 19:07 03/01/01, Lloyd Wood wrote:
> >I'd just bounce all emails with non-text attachments with a message
> >requesting that attachments not be sent to the list, and that the
> >message be resent as text. Simple. sufficient.
>
> Fully agree. There is no need t
> From: [EMAIL PROTECTED]
> > Please point to an example of a useful multipart message seen in
> > this list or that might someday be useful in this mailing list.
> Example:
>
> A multipart/signed message containing a pgp signature known to
> some/all members of this list. As, for example, the
At 19:07 03/01/01, Lloyd Wood wrote:
>I'd just bounce all emails with non-text attachments with a message
>requesting that attachments not be sent to the list, and that the
>message be resent as text. Simple. sufficient.
Fully agree. There is no need to use any thing that
isn't text/plai
Vernon writes:
> Please point to an example of a useful multipart message seen in
> this list or that might someday be useful in this mailing list.
Example:
A multipart/signed message containing a pgp signature known to
some/all members of this list. As, for example, the ietf registrar pgp
sig
> From: "Theodore Y. Ts'o" <[EMAIL PROTECTED]>
> ...
> I agree that filtering multipart messages goes too far; they can be
> useful.
Please point to an example of a useful multipart message seen in
this list or that might someday be useful in this mailing list.
I have Microsoft, Linux, and vario
Date: Wed, 03 Jan 2001 17:50:03 -0500 (EST)
From: James M Galvin <[EMAIL PROTECTED]>
I think it would be a mistake for the IETF to try to get into the
business of protecting mailing list subscribers from virses.
I'd sure like to understand your motivation for this point of
> From: Scott Lawrence <[EMAIL PROTECTED]>
> > Still, there are other good reasons why the IESG should add something like
> > the following to sendmail.cf on odin.ietf.org to reject multi-part junk:
> >
> > HContent-Type: $>+Check_CT
> > SCheck_CT
> > R$*multipart$* $
Date: Wed, 03 Jan 2001 15:51:04 -0500
From: Donald E. Eastlake 3rd <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Eliminating Virus Spam
I think it would be a mistake for the IETF to try to get into the
business of protecting mailing list subscribers
Vernon Schryver wrote:
> Still, there are other good reasons why the IESG should add something like
> the following to sendmail.cf on odin.ietf.org to reject multi-part junk:
>
> HContent-Type: $>+Check_CT
> SCheck_CT
> R$*multipart$* $#error $: 553 reject multi-part
body will be alerted - once.
Thanks for your time and I wish you a Happy, Prosperous New Year!
Lillian
Lillian Komlossy || Site Manager || http://www.dmnews.com ||
http://www.imarketingnews.com || 212 925-7300 ext. 232 ||
mailto:[EMAIL PROTECTED]
-Original Message-
From: John Border [mail
John Border <[EMAIL PROTECTED]> writes:
> I am not that familiar with the details of how mailing list servers
> work. Is it possible to configure a mailing list server
> (e.g. [EMAIL PROTECTED]?) to do a virus scan on an incoming mail
> message before forwarding it to the mailing list, bouncing
> From: John Border <[EMAIL PROTECTED]>
> I am not that familiar with the details of how mailing list servers work.
> Is it possible to configure a mailing list server (e.g. [EMAIL PROTECTED]?)
> to do a virus scan on an incoming mail message before forwarding it to the
> mailing list, bounc
I think it would be a mistake for the IETF to try to get into the
business of protecting mailing list subscribers from virses. But the
list membership should be protected from anti-virus software spamming
by some combination of filters and unsubscribing those whose sites run
such unscalable soft
I am not that familiar with the details of how mailing list servers work.
Is it possible to configure a mailing list server (e.g. [EMAIL PROTECTED]?)
to do a virus scan on an incoming mail message before forwarding it to the
mailing list, bouncing the mail message back to the sender if a vir
36 matches
Mail list logo
