Human factors...
Jethro R Binks
jethro.binks at STRATH.AC.UK
Wed Dec 5 18:23:21 GMT 2001
Hi Quentin,
A couple of people here mentioned something to the same effect. So I
modified mailscanner.conf to say:
===
Inline Text Warning = Warning: This message has had one or more viruses
removed by the University of Strathclyde Email Scanning System. Please
read the "VirusWarning.txt" attachment(s) for more information. Contact
the IT Services Helpdesk on the usual number to check the authenticity of
this message.
Inline HTML Warning = <P><B><FONT SIZE="+1" COLOR="red">Warning:</FONT>
This message has had one or more viruses removed by the University of
Strathclyde Email Scanning System. Please read the "VirusWarning.txt"
attachment(s) for more information. Contact the IT Services Helpdesk on
the usual number to check the authenticity of this message.</B><BR></P>
===
The Helpdesk know what to tell people. In some sense, the methods of
contacting the IT Services Helpdesk are a shared secret, hopefully by not
dictating the number/email address there will be a minor level of
assurance.
I also added extensive (maybe too extensive!) blurb to the other messages
that get sent out. I suppose there should be a URL with more info quoted
for all cases, but I'm a bit rubbish at documenting things on web pages.
I would like to be able to configure the name of the attachment with the
warning in it, however ...
Jethro.
On Wed, 5 Dec 2001, Quentin Campbell wrote:
> The message below is typical of a sort that I often receive. Many of our
> users have become wary (as they should be) about opening any attachment,
> particularly where the word "virus" is present in the message.
>
> This is becoming an obstacle to them opening the attachment that
> MailScanner helpfully sends with the recipient warning message. I wonder
> how things could be restructured so that the recipient warning does not
> induce this reaction so strongly? Perhaps I need to modify the text of
> the warning so that it is more clearly seen to be a message from us that
> can be trusted; has anyone approached this problem in the same way?
>
> Quentin
> ---
> PHONE: +44 191 222 8209 Computing Service, University of Newcastle
> FAX: +44 191 222 8765 Newcastle upon Tyne, United Kingdom, NE1 7RU.
> ------------------------------------------------------------------------
> "Any opinion expressed above is mine. The University can get its own."
>
> ----------- cut here
> >[snip]
> >sorry to bother you with this, but I'm not sure who else to ask.. I
> >still get the occasional email with an attachment and:
> >
> >>I send you this file in order to have your advice
> >
> >as part of the text. I can't remember which virus/worm it was, but now
> >there is now a header which says
> >
> >>Warning: This message has had one or more attachments removed. Please
> >>read the "Virus Warning.txt" attachment(s) for more information.
> >
> >and indeed there is indeed an attachment Warning.txt
> >
> >However being a bit on the over cautious side I'm reluctant to read
> >said Warning.txt until I know from where its come. Is this all real UCS
>
> >protection in action or is it all another nasty but clever ploy?
> >
> > Thanks
> ----------- cut here
>
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks Computing Officer, IT Services
Mailmaster, Listmaster, Webmaster, University Of Strathclyde, Glasgow, UK
Cachemaster jethro.binks at strath.ac.uk
More information about the MailScanner
mailing list