Re: outlook 2002 is a control freak

From: Michael H. Warfield (mhw@wittsend.com)
Date: 09/26/01 

Date: Wed, 26 Sep 2001 15:38:59 -0400
From: "Michael H. Warfield" <mhw@wittsend.com>
To: leon <leon@inyc.com>
Subject: Re: outlook 2002 is a control freak
Message-ID: <20010926153859.A22363@alcove.wittsend.com>

On Mon, Sep 24, 2001 at 06:41:52PM -0400, leon wrote:
> Hi folks,

> I have a friend who is sending me attachments that are executable.

        Your "friend" is no friend and is a fool in the extreme sense.

> Seems M$ decided to make it their business which types of extensions I
> receive (hmmmm Eudora looking good all of a sudden). This is what I got

        On of the few smart things they've done.

> from m$ help " By default, Microsoft Outlook blocks attachment files (
> such as .bat, .exe, .vbs, and .js) that can contain viruses. You cannot
> see or access the attachments. Your Inbox will display the paperclip
> icon in the Attachment column to let you know that the message has an
> attachment, and you will see a list of the blocked attachment files in
> the InfoBar at the top of your message. If you try to open the
> attachment by right-clicking the item, View Attachments will not appear
> on the shortcut menu. If you need to use files, such as .exe files, from
> others, have them post the files to a network share or to a Web share
> that you can access."

> Also " There are two levels of attachment security. Access to level 1
> files is blocked and can't be changed."

> Now lets say I need that file and I don't have access to the same
> network or web share? Is there away around this? Maybe like
> filename.exe.blah or would that corrupt the attachment when I rename it
> back to .exe later?

        Have him zip the file to a zip file (password protected if need
be to prevent auto-unpacker from inspecting the contents) or have him
pgp encrypt it. That's how I have people send me samples of cypertoxins
to get around our ingress filtering. (Hostile payload extensions don't even
get near the MS servers. They get block in-line by Unix MTA servers. I
don't even run Microsoft virusware and it still filters my mail.)

> The funniest part (for all your m$ bashers out there) is the file I was
> trying to get was none other then M$ urlscan (something they should have
> released with IIS, instead of all those buffer overflows... Oh wait this
> M$.) Sorry for the M$ bashing but I find this nonsense. I enjoy
> outlook but I don't enjoy people shoving there ideas down my throat.

        I find it nonsense that anyone would be stupid enough to send
anything as an unpackaged .exe file. Does this friend not have a clue?
We have had worms and virii masquarading as "friends" and sending fake
anti virus products and fake virus notices and updates and everything.
What do you two expect? He looks just as much like a worm as any other
hostileware out there and you act like a typical victim who wants to
know why they can't run this new fangled dohingy your buddy just sent
you. You two fit the propagation model exploited by most of the last
several worms that cut loose perfectly.

> Any thoughts?

        Yup. You and your friend need to buy a clue and NEVER SEND OR
READ ANY executable. Whether you trust the sender or not. Whether you
were expecting something or not (several people were infected with
explore.zip from Microsoft because they were expecting something from
the people they caught it from). If you want to send an executable,
send it encapsulated in a zip file or in pgp encrypted form.

> Public or private welcome. Flames welcome but don't send them as
> executable cause apparently I can't get them :)

        And that's the good news.

> Cheers,

> Leon

        Mike 

-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

Relevant Pages

  • Re: My last post cool but sad and well taul
    ... a friendship built on trust, ... Aloha Marcus My friend! ... I ate all the fingernails off of all my fingers just to "do something ... if I HAD outlook express, but I extremely dislike it and delete the ...
    (alt.support.chronic-pain)
  • Re: Sometimes mail - sometimes not - Why?
    ... Friend recently started having problems with sending and receiving ... He has a 6 month old desktop Packard Bell pc, Windows XP, Internet ... MS MVP - Windows (Outlook Express) ... Email rules will help somewhat with the problem but the only real solution is to pay for separate accounts. ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: Importing with "do not import duplicate items" based on 1 crit
    ... my friend receives every other day a list of fax numbers in ... Dear Russ, I'm not sure what you meant when you said, "Outlook does not ... contact folder along with one or more in the Access file - how is the ... of the exercise is a contact folder of unique business fax numbers where no ...
    (microsoft.public.outlook.contacts)
  • Re: Strange problem when deleting mail
    ... This is an option in Outlook - and your friend has not enforced the 'tell me ... This is my first time on Google groups:) ... My friend has been facing a strange problem... ... Items) from a particualr sender, that sender immediately gets a message ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: Outlook Express
    ... A friend is having problems with the above. ... Outlook express is incorrectly configured. ... where is the Windows user name. ... The only time I do like to use MSOE is for posting binary images to ...
    (soc.genealogy.computing)