Zero-length attachments
Kevin Spicer
kevins at BMRB.CO.UK
Wed Oct 1 19:59:16 IST 2003
On Wed, 2003-10-01 at 19:42, Antony Stone wrote:
>If the option is set at "Yes" then Zero-size attachments bypass the
>filename,
>filetype and virus checks (the latter two for efficiency, because
>there's
>nothing to bother checking).
no they should still be blocked, because...
a) its gives the impression of inconsistency
b) zero byte files could be used in nuisance social enginering attacks
("please copy the attached updated file - vimportant.dll into
C:\windows\system32, love from Microsoft")
c) Files appearing to get through the filter could send some managers
into a flurry of panic thinking something has gone wrong, causing them
not to trust MailScanner.
d) Odds are there is something suspect about any mail with a zero byte
attachment.
BMRB International
http://www.bmrb.co.uk
+44 (0)20 8566 5000
_________________________________________________________________
This message (and any attachment) is intended only for the
recipient and may contain confidential and/or privileged
material. If you have received this in error, please contact the
sender and delete this message immediately. Disclosure, copying
or other action taken in respect of this email or in
reliance on it is prohibited. BMRB International Limited
accepts no liability in relation to any personal emails, or
content of any email which does not directly relate to our
business.
More information about the MailScanner
mailing list