[clug] [AUSCERT ALERT - Email worm W32.Beagle.A/Win32.Bagle.A]
Nemo -earth native-
nemo at nut.house.cx
Mon Jan 19 08:57:01 GMT 2004
On Mon, Jan 19, 2004 at 07:34:22PM +1100, Steven Hanley did utter:
> On Mon, Jan 19, 2004 at 07:14:42PM +1030, David Lloyd wrote:
> >
> > (Captain?) .../Nemo,
Ahhh, a return to the pre-pixar jokes... it's like a wave of nostalgia
all over again. ;)
> > Of late my ISP installed spam blocking software which they didn't tell me
> > abut. Unfortunately it keeps on killing samba-technical which is slightly
> > annoying.
My ISP (erm, that would be me, Goldweb) uses the .exe blocking globally
against all our customers. It checks against messages both incoming and
outgoing. (there are actually well over a dozen filetypes it blocks on).
I've had one or two complaints and a few inquiries. We've also had quite
a few gratefull customers who have been saved from the same virus' that
have infected all of their friends. We've been doing this for years, and
the net consensus is very easily positive.
> > This is a good solution you propose but I don't really want to reconfigure
> > my mail server every time I do actually want to receive a .exe.
> In the bounce message to the send attempt mention that any exe or doc or
> similar attatchments they wish to send you should be zipped.
In fact, a simple filename extension change is all it takes ;)
It's a blunt tool - it doesn't check if the file *is actually* a valid
windows executable or anything. It merely looks at the file extension of
attached files, and rejects them if they match one of the patterns.
(and yes, our reject message mentions zipping)
.../Nemo
--
------------------------------------------ --------------------------
earth native
More information about the linux
mailing list