Zero-length attachments
Antony Stone
Antony at SOFT-SOLUTIONS.CO.UK
Wed Oct 1 21:22:34 IST 2003
On Wednesday 01 October 2003 9:12 pm, Kevin Spicer wrote:
> On Wed, 2003-10-01 at 20:32, Antony Stone wrote:
> >I'd still like to see some MailScanner option for treating zero-size
> >attachments differently from "real" ones.
>
> Hmmm, the more I think of this the less simple it seems! A one byte
> file isn't dangerous either, or a two byte. When does applying 'common
> sense' cease to be common sense?
Oh, I agree, but I think there's a clear distinction between a zero-byte (in
other words, non-existent) file, and a file with some content in it, no
matter what that content may be, or how insiginificant it is.
Also, in the example I gave of Sobig.F, where sometimes the virus doesn't
propagate correctly, and ends up sending a zero-byte file instead of a virus,
I'm not aware of "near-misses", where one byte gets sent, or two bytes, etc.
It's either zero, or a virus.
> There is some merit in including the file size in the report, although
> Mr. Clueless L. User probably doesn't even know what a byte is (looking
> at my logs theres certainly plenty of folks who have no appreciation of
> how big a megabyte is!).
Again, agreed that many users don't know what a byte is, but I think they do
know the difference between a zero-size file (ie nothing) and a non-zero-size
file (ie something), no matter what units the size of a file is measured in.
Antony.
--
What a waste it is to lose one's mind -- or not to have a mind. How true
that is.
- Dan Quayle, vice-president of the United States of America
More information about the MailScanner
mailing list