Don't you just love it. Someone sent me a file today which got blocked. Here is the accompanying email from the IT department which they added to the mail.... :ouch:

This email contained a .zip attachment, so all attachments have been removed. XXXXXXX does not allow emails with .zip attachments. Please follow the instructions below to receive the files that were removed.

+ Contact the sender to rename the file, (e.g., change filename.zip to filename.rtnzip) and resend.

+ When you receive the file, change the name back to filename.zip.

Should you have any questions or difficulty with these instructions, please contact the Help Desk for assistance.

And?:confused:

Seems like a reasonable way of combating unsolicited e-mails containing zips which in turn contain .exe files that if run would cause damage. If the sender renames it and resends it you can be confident that the sender is known, and not malicious. My company doesn't allow .exe and a few others through, but does allow zips. However I have an idea that their mail filter program looks at the filetypes within the zips, which achieves the same thing.

I could retire today if I had $1 for each of the .exe and .zip files I receive d until I sorted out a proper spamguard on the system. Every one was potentially lethal.

Sending legit files in a .zip is far less common these days with the proliferation of broadband.

...then people get used to the fact that they have to rename without thinking the attachments they recieve called file.zip.rename to file.zip and they blindly execute what is inside. The spammers will soon be sending file.zip.rename-me attachments.

The advice is crazy, it does nothing to stop the virus/trojan as the user is no more educated than before as how to test that the contents of the file are safe or how to ascertain if the executable is OK or not.

Detemining that the zip came from someone who is prepared to rename it and send it again ony confirms to the source that they have a willing victim in their sights, or that the email address has a real user at the other end.

This is not security, it is IT red tape, serving no useful purpose :D

tallsandwich,

Very true...

Reminds me of the hi-viz jacket debate!

SD

Suggest that your correspondent uploads the file(s) to one of the free sites, and then sends you the link for the download. The link page can be password-protected.

I have had to resort to what AA has said, upload to a site and paste the link...

My Uni mail server will let teachers send all types of attachments, however, i sent myself a Maple XML the other day, and it blocked it... Must be a two tier system, not sure what damage an xml could do though? All i can send is Word and PDF...

The thing about the origional post i dont get is...

Wont spammers just start chaning the extension... But on my restricted XP account at Uni i cant change file types, not sure if this applies to business desktops, suppose its down to the business but most would just be similar to a guest, wouldnt they?

Surprised by now there is not some clever system that can open a zip, scan it for virus, or bad file names, and block or forward on...

SD - would that be the "my Hi Viz jacket is on so I won't get hit by a car now"? I missed that debate I think....

I was thinking more of the generic nonsense of hi-viz on GA aerodromes rather than any specific threads (of which there have been many on pprune).

SD