Re: suggestions for blocking dangerous mail attachments?

From: Dan Donkers (donks@kent.net)
Date: 01/22/03

Next message: dave: "RE: Windows 2000 local security policy"

Previous message: Andy Streule: "RE: Network Scan"
In reply to: Juan Mejia: "suggestions for blocking dangerous mail attachments?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 21 Jan 2003 18:46:19 -0500 (EST)
From: Dan Donkers <donks@kent.net>
To: Juan Mejia <jmejia@uchile.cl>

On Sat, 11 Jan 2003, Juan Mejia wrote:

> Here are my questions:
>
> What's your opinion about changing file extensions on windows
> machines to reduce the threat of malware through e-mail?

The only way to make something foolproof is to keep it away from the
fools. You know it will be just a matter of time 'til someone renames the
attachment to .exe, runs it and you have a virus on the loose.

>
> Do you know of some application that does this on linux?
>
> If there's nothing like this on linux, what should I start
> reading, searching, etc. in order to make it on my own? (I
> have no idea about e-mail on Linux. Also I realize I
> probably will never get to do it, but having a project in
> mind is the best way to learn about something new).
>

All flavours of Linux will include procmail, which is a mail sorting
program that will do what others have suggested. I am currently using it
for my home network to scan all emails coming in. It now searches for
known_virus (the ones that we have trapped, confirmed that it is a virus
and written a definitive "recipe" to catch any others). It also traps any
messages that contain attachments which we deem are unacceptable. These
messages are quarantined until we determine that they are safe and then
can be released, but only I have the authority to release them. Later on,
when you get tired of all the spam that you get, you can use the same
program to easily filter 95% of the junk mail so it doesn't get to your
users.

The upside of all of this is that you can customize it to the exact way
you want it to operate. The challenge is that you will have to learn alot
along the way.

My $.02

Good luck in whatever you choose
Dan

*********************************
* Registered Linux user: 244008 * "Free speech is the right to yell
* * 'theater' in a crowded fire"
* Powered by Slackware 8.0 *
*********************************

Next message: dave: "RE: Windows 2000 local security policy"
Previous message: Andy Streule: "RE: Network Scan"
In reply to: Juan Mejia: "suggestions for blocking dangerous mail attachments?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Someone sending e-mails with my address
... > mixed up with who had the virus or whatever, ... > was basically explaining to that person was correct. ... she can do about somebody else's infected computer. ... I refuse to accept gifts from fools. ...
(microsoft.public.security)
Re: Absurd Vaccine Marketing -- Cervical Cancer Vaccinations for Boys - Articles
... the virus that causes cervical cancer but isn't symptomatic. ... it on and Billy becomes a carrier, also with no symptoms. ... The absurdity is fools who can't think... ...
(misc.consumers)