Am 25.02.2015 um 20:42 schrieb Bill Cole:
On 24 Feb 2015, at 17:06, Yves Goergen wrote:
I can't block all archives with executable files in them.
Then in all seriousness: why bother filtering email specifically for
malware?
Email is an inherently untrustworthy transport medium. Any sort of
executable received via email that is not cryptographically signed by a
trusted sender should be considered unsafe to run. If an executable is
signed by a trusted sender, it can just as easily be encrypted to
protect it from detection as an executable. If your users believe that
you are providing them a valuableservice by allowing transport of
executables via email, they are mistaken. You are putting them at
unnecessary risk.
I fully understand you, but tell that end users. They're already happy
if they manage to get an e-mail with an attached file sent out. I've
more than once thought about shutting down the FTP service due to
repeated issues with it, requiring that users manage their files through
SFTP. But FTP is still the most-used access protocol and the average
webmaster(!) doesn't care or know about it all.
Your objection also applies to unencrypted HTTP downloads, BTW.
--
Yves Goergen
http://unclassified.software
