[Mimedefang] Re: Unsafe file types

[WBrown at e1b.org]

mimedefang-bounces at lists.roaringpenguin.com wrote on 12/01/2003 11:10:03 
PM:

> 
> > Blocking documents is especially bad,
> > businesses run on them. Get a scanner that will scan for macro 
viruses.
> 
> Or use a document format that isn't active. How about some kind of 
doc-to-RTF
> converter spawned by MD that replaces active documents with 
presentation-only
> documents? I'd love it if Open Office supplied such a utility.
> 
Nope.  Collaborative development of documents via email is essential to 
many businesses.  I worked at a law firm before they had internet 
connected email.  I spent many hours transferring documents such as 
contracts for the lawyers so that they could modify them and send them 
back.

> > No matter how tight you clamp down on your email, they will find ways 
to
> > transfer the documents and files they need to. {thinking back to the 
era
> > when there were no attachments on email and uuencode was the perfered 
method
> > of choice, perhaps we'll be there again}. But the trouble is, the more 
hoops
> > they jump through, the less productive they'll be.
> 
> One hopes that users clever enough to jump through hoops are clever 
enough not
> to blindly click on active attachments. This of course would not be an 
issue
> if the most popular email client weren't so ready to run that active 
content
> on your behalf. Much of the effort of filters like MD is to make up for 
the
> promiscuity of that client.

Again, that is wishful thinking.  You can scream from the rooftops not to 
open a message with a certain subject (I love you) with threats of 
termination and some moron will still open it.  Even if you use MD to move 
the file to a web server and zip it, some clown will just *HAVE* to look 
at the file and do whatever it takes.

Some people just should not have computers.  Dedicated appliances like 
Mail Station or WebTV are about all they can handle.