Company IT Security
Ecce Homo! Loquitur...
Thread Starter
Company IT Security
Don't you just love it. Someone sent me a file today which got blocked. Here is the accompanying email from the IT department which they added to the mail....
This email contained a .zip attachment, so all attachments have been removed. XXXXXXX does not allow emails with .zip attachments. Please follow the instructions below to receive the files that were removed.
+ Contact the sender to rename the file, (e.g., change filename.zip to filename.rtnzip) and resend.
+ When you receive the file, change the name back to filename.zip.
Should you have any questions or difficulty with these instructions, please contact the Help Desk for assistance.
This email contained a .zip attachment, so all attachments have been removed. XXXXXXX does not allow emails with .zip attachments. Please follow the instructions below to receive the files that were removed.
+ Contact the sender to rename the file, (e.g., change filename.zip to filename.rtnzip) and resend.
+ When you receive the file, change the name back to filename.zip.
Should you have any questions or difficulty with these instructions, please contact the Help Desk for assistance.
Join Date: Dec 2000
Location: Manchester, England
Age: 58
Posts: 897
Likes: 0
Received 0 Likes
on
0 Posts
And?
Seems like a reasonable way of combating unsolicited e-mails containing zips which in turn contain .exe files that if run would cause damage. If the sender renames it and resends it you can be confident that the sender is known, and not malicious. My company doesn't allow .exe and a few others through, but does allow zips. However I have an idea that their mail filter program looks at the filetypes within the zips, which achieves the same thing.
Seems like a reasonable way of combating unsolicited e-mails containing zips which in turn contain .exe files that if run would cause damage. If the sender renames it and resends it you can be confident that the sender is known, and not malicious. My company doesn't allow .exe and a few others through, but does allow zips. However I have an idea that their mail filter program looks at the filetypes within the zips, which achieves the same thing.
Red On, Green On
Join Date: May 2004
Location: Between the woods and the water
Age: 24
Posts: 6,487
Likes: 0
Received 2 Likes
on
2 Posts
I could retire today if I had $1 for each of the .exe and .zip files I receive d until I sorted out a proper spamguard on the system. Every one was potentially lethal.
Sending legit files in a .zip is far less common these days with the proliferation of broadband.
Sending legit files in a .zip is far less common these days with the proliferation of broadband.
PersonalTitle to help support PPRuNe against legal bullying.
Join Date: Sep 2005
Location: France
Posts: 134
Likes: 0
Received 0 Likes
on
0 Posts
...then people get used to the fact that they have to rename without thinking the attachments they recieve called file.zip.rename to file.zip and they blindly execute what is inside. The spammers will soon be sending file.zip.rename-me attachments.
The advice is crazy, it does nothing to stop the virus/trojan as the user is no more educated than before as how to test that the contents of the file are safe or how to ascertain if the executable is OK or not.
Detemining that the zip came from someone who is prepared to rename it and send it again ony confirms to the source that they have a willing victim in their sights, or that the email address has a real user at the other end.
This is not security, it is IT red tape, serving no useful purpose
The advice is crazy, it does nothing to stop the virus/trojan as the user is no more educated than before as how to test that the contents of the file are safe or how to ascertain if the executable is OK or not.
Detemining that the zip came from someone who is prepared to rename it and send it again ony confirms to the source that they have a willing victim in their sights, or that the email address has a real user at the other end.
This is not security, it is IT red tape, serving no useful purpose
Red On, Green On
Join Date: May 2004
Location: Between the woods and the water
Age: 24
Posts: 6,487
Likes: 0
Received 2 Likes
on
2 Posts
Suggest that your correspondent uploads the file(s) to one of the free sites, and then sends you the link for the download. The link page can be password-protected.
Join Date: Jun 2006
Location: BRISTOL!
Age: 39
Posts: 526
Likes: 0
Received 0 Likes
on
0 Posts
I have had to resort to what AA has said, upload to a site and paste the link...
My Uni mail server will let teachers send all types of attachments, however, i sent myself a Maple XML the other day, and it blocked it... Must be a two tier system, not sure what damage an xml could do though? All i can send is Word and PDF...
The thing about the origional post i dont get is...
Wont spammers just start chaning the extension... But on my restricted XP account at Uni i cant change file types, not sure if this applies to business desktops, suppose its down to the business but most would just be similar to a guest, wouldnt they?
Surprised by now there is not some clever system that can open a zip, scan it for virus, or bad file names, and block or forward on...
My Uni mail server will let teachers send all types of attachments, however, i sent myself a Maple XML the other day, and it blocked it... Must be a two tier system, not sure what damage an xml could do though? All i can send is Word and PDF...
The thing about the origional post i dont get is...
Wont spammers just start chaning the extension... But on my restricted XP account at Uni i cant change file types, not sure if this applies to business desktops, suppose its down to the business but most would just be similar to a guest, wouldnt they?
Surprised by now there is not some clever system that can open a zip, scan it for virus, or bad file names, and block or forward on...
PersonalTitle to help support PPRuNe against legal bullying.
Join Date: Sep 2005
Location: France
Posts: 134
Likes: 0
Received 0 Likes
on
0 Posts
Hi-Viz
SD - would that be the "my Hi Viz jacket is on so I won't get hit by a car now"? I missed that debate I think....
Spoon PPRuNerist & Mad Inistrator
I was thinking more of the generic nonsense of hi-viz on GA aerodromes rather than any specific threads (of which there have been many on pprune).
SD
SD