Am 25.02.2015 um 23:15 schrieb Yves Goergen:
Am 25.02.2015 um 20:42 schrieb Bill Cole:On 24 Feb 2015, at 17:06, Yves Goergen wrote:I can't block all archives with executable files in them.Then in all seriousness: why bother filtering email specifically for malware? Email is an inherently untrustworthy transport medium. Any sort of executable received via email that is not cryptographically signed by a trusted sender should be considered unsafe to run. If an executable is signed by a trusted sender, it can just as easily be encrypted to protect it from detection as an executable. If your users believe that you are providing them a valuableservice by allowing transport of executables via email, they are mistaken. You are putting them at unnecessary risk.I fully understand you, but tell that end users
do it
They're already happy if they manage to get an e-mail with an attached file sent out.
we disallow any executeable for many years now no problem, the ordinary enduser don't come to the idea send .exe files
I've more than once thought about shutting down the FTP service due to repeated issues with it, requiring that users manage their files through SFTP. But FTP is still the most-used access protocol and the average webmaster(!) doesn't care or know about it all.
completly different topic
Your objection also applies to unencrypted HTTP downloads, BTW
completly different topic your webserver don't push random binaries unasked to you your mailserver does controlled by foreigners if you allow it
signature.asc
Description: OpenPGP digital signature