Attachments

[Colin Jack]

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info 
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf 
> Of Ken Goods
> Sent: Thursday, September 14, 2006 4:48 PM
> To: 'MailScanner discussion'
> Subject: RE: Attachments
> 
> >> Colin Jack wrote:
> >>> Hmmm ... it looks like MailScanner is refusing the attachments 
> >>> because the .zip file contains unacceptable files ... 
> e.g. .exe and 
> >>> .chm
> >>> 
> >>> This seems a little over the zealous. We usually suggest 
> to clients 
> >>> mailing .exe files (install files for example) to .zip them up to 
> >>> get through filters!!
> >>> 
> >>> What is the best way to deal with this? Can I tell 
> MailScanner not 
> >>> to look inside .zip files
> >>> 
> >>> Thanks
> >>> 
> >>> Colin
> 
> Colin,
> 
> Just thought I'd add my 2 cents....
> What I have done here is to instruct my users to rename any 
> executables to .txt then instruct their recipient to rename 
> the attachment back to .exe once they have received it. 
> 
> This does three things... first, it gets my (very technically 
> illiterate) users to be aware of file extensions to begin 
> with and to know what I'm talking about when I say this one 
> or that one is potentially dangerous. (it also helps them get 
> used to renaming files) Second, since the file has come from 
> somebody they know (I instruct them to pre-contact the 
> recipient so they are expecting an executable) and has 
> instructions on how to make the file back into an executable, 
> it makes them more aware of the way viruses are propagated 
> via email and there is less chance that someone will 
> inadvertently open a virus (of course I run two virus 
> scanners to this is a slim chance anyway). And third, and I 
> guess most importantly, it gets the file through any filetype 
> checking based on the extension. (Outlook, OE...
> etc..) Besides, anti-virus software will still catch viruses 
> regardless of the file extension.
> 
> One can argue that zipping them up is a better way to handle 
> it but in my experience with *my* users, I have found it's 
> easier for them to simply rename the file on both ends. This 
> has been working very well here for the last couple years... YMMV
> 
> This was a solution I didn't see mentioned so I thought I'd 
> throw it into the mix.
> 
> Kind regards,
> Ken Goods
> Network Administrator
> AIA/CropUSA Insurance, Inc.
> 

Thanks Ken - yeah we already do that (well we say remove the last letter
and replace it with an underscore, but same principal). The zip problem
arises where support staff email patches etc. with things like
update.exe, dodgy.dll etc. inside a zip.
http://www.mainline.co.uk/spam_error.html

Just out of interest ... the default setting for Archive Depth seems to
be '2' and '0' turns it off ... so what does '1' do? ;)

Colin