SANS news today
Jeff A. Earickson
jaearick at COLBY.EDU
Wed Nov 19 15:48:38 GMT 2003
This blurb appeared in today's SANS newsletter:
--MIT e-Mail Systems Reject Messages with Executable Attachments
(13 November 2003)
Massachusetts Institute of Technology (MIT) e-mail administrators have
reconfigured their systems to reject any e-mail messages that have
executable attachments. Senders will receive error messages detailing
why their message was rejected.
http://informationweek.securitypipeline.com/news/showArticle.jhtml?articleId=16100513
http://mit.edu/services/mail/attachments.html
[Editor's Note (Pescatore): This is an increasingly common strategy, as
enterprises who analyze their incoming email realize that 99.9% of the
executable attachments have zero business value. It makes sense to do
it at home, as well.
(Paller) This is one more in a long line of security innovations
pioneered by MIT. MIT offers a remarkable example of how well a large
research university can police its systems, protect its faculty, staff,
and students, and be a good citizen on the Internet. Kudos to Bob
Mahoney and the whole MIT security team.]
Hmmm, I notice that MIT has been listed in MailScanner's list of
users for a while. Gee, I'll bet they changed filename.rules.conf
to make this magic happen. Too bad that nobody gave credit to the
real innovator here...
--- Jeff Earickson
Colby College
More information about the MailScanner
mailing list