[Mimedefang] survey: dropping password protected file
Brent J. Nordquist
b-nordquist at bethel.edu
Wed Mar 3 14:20:38 EST 2004
On Wed, 3 Mar 2004, Michael Sims <michaels at crye-leike.com> wrote:
> Joseph Brennan wrote:
> > We are currently refusing all mail with zip files.
>
> We are seriously considering doing the same thing.
A compromise we've adopted: We're just dropping ZIP files under 64K, and
telling users who need to send a ZIP legitimately that they need to add
enough files to make it bigger than that.
Something else we're considering: Allowing users to put a specific token
on the Subject: line which will allow a small ZIP through, and possibly
other "unsafe" extensions that are normally blocked. If the token is
complex enough and specific to our site, it's unlikely a mass-mailing
virus would use it.
P.S. Someone said they're using action_bounce -- PLEASE use action_discard
so you don't contribute to the problem. All these modern viruses forge
the From: address... alerts are useless. Just drop it.
--
Brent J. Nordquist <b-nordquist at bethel.edu> N0BJN
Other contact information: http://kepler.acns.bethel.edu/~bjn/contact.html
More information about the MIMEDefang
mailing list