[Mimedefang] survey: dropping password protected file
Les Mikesell
les at futuresource.com
Wed Mar 3 11:59:22 EST 2004
On Wed, 2004-03-03 at 08:40, EKB wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> How about just "defanging" any encrypted zip by renaming it and adding a
> brief warning message. We receive lots of valid encrypted zip files so
> deleting them is not an option.
Have you seen the current crop? They include what looks like
a good personalized reason to use the password to open the
zip (your email account will be disabled, etc.) and come from
reasonable looking addresses (management at yourdomain, etc.).
Since the real problem is outlook and the way it abuses 'open'
to mean 'execute', I'm thinking of setting up alternate mailboxes
for my users that can only be accessed through a web mail interface
and tossing anything questionable there. Has anyone tried this
approach yet? Dropping spam there would work too if it could be
automatically purged after a certain time. Using maildir format
for delivery would make that fairly easy and an imap server like
dovecot or currier running on an alternate port could act as the
intermediate handler for the webmail front end.
---
Les Mikesell
les at futuresource.com
More information about the MIMEDefang
mailing list