Zero-length attachments

Antony Stone Antony at SOFT-SOLUTIONS.CO.UK
Wed Oct 1 21:22:34 IST 2003

On Wednesday 01 October 2003 9:12 pm, Kevin Spicer wrote:

> On Wed, 2003-10-01 at 20:32, Antony Stone wrote:
> >I'd still like to see some MailScanner option for treating zero-size
> >attachments differently from "real" ones.
> Hmmm, the more I think of this the less simple it seems!  A one byte
> file isn't dangerous either, or a two byte.  When does applying 'common
> sense' cease to be common sense?

Oh, I agree, but I think there's a clear distinction between a zero-byte (in
other words, non-existent) file, and a file with some content in it, no
matter what that content may be, or how insiginificant it is.

Also, in the example I gave of Sobig.F, where sometimes the virus doesn't
propagate correctly, and ends up sending a zero-byte file instead of a virus,
I'm not aware of "near-misses", where one byte gets sent, or two bytes, etc.
It's either zero, or a virus.

> There is some merit in including the file size in the report, although
> Mr. Clueless L. User probably doesn't even know what a byte is  (looking
> at my logs theres certainly plenty of folks who have no appreciation of
> how big a megabyte is!).

Again, agreed that many users don't know what a byte is, but I think they do
know the difference between a zero-size file (ie nothing) and a non-zero-size
file (ie something), no matter what units the size of a file is measured in.



What a waste it is to lose one's mind -- or not to have a mind.   How true
that is.

 - Dan Quayle, vice-president of the United States of America

More information about the MailScanner mailing list