[Mimedefang] Re: Unsafe file types
WBrown at e1b.org
WBrown at e1b.org
Tue Dec 2 08:36:27 EST 2003
mimedefang-bounces at lists.roaringpenguin.com wrote on 12/01/2003 04:47:19
PM:
> On my mail server, I don't block any attachment's based on file
extension. I
> figure that the whole purpose of email is to communicate and I do my
best to
> help that. Blocking perfectly legitimate email that's carrying a
"dangerous"
> attachment extension is a bit silly. "Dangerous" is in the eyes of the
> beholder. I'm willing to do virus scanning of attachments on the server
but
> after that, as far as I'm concerned, it's up to the user to have an up
to
> date virus scanner and to use the wetware between the ears when opening
file
> attachments. If they screw up their computer after all that, well, it's
not
> my problem.
>
> My problem is trying to weed out the non-legitimate email in the first
> place. That is, spam and email's containing known virus's. Blindly
blocking
> attachments based on file extensions is going too far IMHO.
I agree, to a point. There is never a good reason to be sending an SCR or
PIF file. Since they are almost always a virus, I block those. Right
now, I'm doing it in my mail (Lotus Domino) server Antivirus. I will be
doing it as I implement MIMEDefang.
You make an excellent point about not blocking legitimate mail. Security
is always a balance, and blocking those two extensions is where I set the
level.
More information about the MIMEDefang
mailing list