RE: [Full-Disclosure] FD should block attachments
From: Sean Crawford (sean01_at_accnet.com.au)
To: "Michael Gale" <email@example.com>, <firstname.lastname@example.org> Date: Sun, 4 Apr 2004 01:18:33 +1000
Hi list first up..
Now again my 2 bits worth..
This is a forum called 'Full Disclosure'..
That's what it is.....not filtered.
People can share what ever the hell they want be that a virus..
Semantics on filtering has no place here as that's your own security issue
as this is a non-moderated forum....
Your a troll in the full sense...maximum bight's for little effort.
If your mail server is so secure why would you care?...............
If you want to host files for download....good on you!...
Waste of bandwidth.................well what a joke to even mention that....
Those that host this list could say the whole hosting procedure is a waste
no matter the content...
Gawd post's like yours piss me off................go drown Troll...
This whole thread is a waste.
Sorry........... but this stuff pisses me off..............
I subscribe to this list for it's content..........not for it's filtering
Sean..\\PS...I so hope FD don't be come some lame arse filtered
[mailto:email@example.com]On Behalf Of Michael Gale
Sent: Saturday, 3 April 2004 9:29 AM
Subject: Re: [Full-Disclosure] FD should block attachments
As I have read all the replies below I feel I should respond. First
of all I host my own domain which includes my own web, mail and ftp
At the moment my mail server is a postfix server with amavisd-new,
clamAV and bogofilter.
So all attachments get filtered - so client side filtering is NOT a
problem or issue.
The point -- this list is supposed to be for security professionals and
not another bugtrag one. As security professionals, we should be setting
SMTP was not designed to transfer files, and think of the wasted
bandwidth. I am lucky and pay for bandwidth at a flat rate and since my
server is only my network my client downloads the message at 10MB
The point -- how many people are on this list ? Lets say 10,000 -- some
one sends a e-mail to the list containing a 1MB attachment. We just
wasted / costs lists.netsys.com 10GB of transfer. Now lets those 10,000
list subscribers, 50% do not care about the attachment and delete it,
but the other 5,000 each response with their 1MB attachment.
Now think about where you work -- we have a internal exchange server and
every day are trying to convienence people to post links to files on the
Intranet instead of attaching them --- why ? because why send 100 people
the same attachment which they will all most likely save forever in the
mailbox. (Now I know Exchange is supposed to try and do single message
Look at all the bandwidth we wast, the money we cost other people and
the examples we set. Posting a link to a file is much better way -- only
those who want to see the attachment will download it.
IRC servers have this type of setup I believe -- maybe the FD could
setup a HTTP server where list subscribers could post files -- have a
cron to auto delete any file older then 30 days or less.
On Mon, 29 Mar 2004 02:40:00 -0700
Michael Gale <firstname.lastname@example.org> wrote:
> Being a member of this I do not mind the carrying on of list
> members. I usually enjoy reading the banter and I do not care about
> the"noise" ratio.
> What is annoying is the amount of viruses or waste of my bandwidth
> attachments that come from this list.
> I think FD should change their policy and block all attachments,
> except maybe plain text file's.
> Most people on this list are smart enough that exe's, zip and pif
> attachments do not need to be send, I am tired of the excuses:
> I had a virus
> I did not know what the file was
> FD should block attachments except for plain text. People can post
> links to web pages or what ever that way only people who want to see
> the attachment would get it, plus it would save on your bandwidth.
> Hand over the Slackware CD's and back AWAY from the computer, your
> geek rights have been revoked !!!
> Michael Gale
> Slackware user :)
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
-- Hand over the Slackware CD's and back AWAY from the computer, your geek rights have been revoked !!! Michael Gale Slackware user :) Bluesuperman.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ________ Information from NOD32 ________ This message was checked by NOD32 Antivirus System for Linux Mail Server. part000.txt - is OK http://www.nod32.com __________ NOD32 1.701 (20040401) Information __________ This message was checked by NOD32 antivirus system. http://www.nod32.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html