E-Mail Block EXE's?

View Poll Results: Was Clinton a good president?

Voters
24. You may not vote on this poll
  • No, he really sucked

    7 29.17%
  • Yes, and I am I crackhead

    13 54.17%
  • Maybe, if he wasn\'t gay

    3 12.50%
  • Never will be because he is a rich treasoner

    1 4.17%
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: E-Mail Block EXE's?

  1. #1
    Senior Member
    Join Date
    Sep 2003
    Posts
    279

    E-Mail Block EXE's?

    I work at my local ISP and we here are talking about filtering out all EXE attachments. If someone wants to send an EXE file they will have to zip it up. This, we belive, will give the receiver more time to scann the file before opening it up.

    Do You This We Should Filter EXE Files Or Is To Too Much Of Use To Ask Our Customers To Zip Them Up?
    AntiOnline Quick Forum Version 2b Click Here
    10010101000000110010001100111

  2. #2
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    Well if you are talking home users you would be wasting your time really. If they could not get the file or did not know how to Zip it they's set up a temp email account for free and say send it here and if under 3 megs one click and the infection starts. As a pro admin I can block just about anything arriving email and catch the rest with virus scanners. I cannot however block lame users going to a free email account, and then downloading it. Forget and ISP hey have IM, IRC also. There is no cure for lame users especally when M$ touts their software as being secure. Is really to much to ask of end users unless say they loose their connect because of setting loose an infection or have an unsecure. As an ISP do you premote uses of virus scanners and say firewalls. Give lame users these by default or at least make them very aware of it.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    im with pale moon on this one.

    if you decide to do this you better beef up you support staff cause you'll be swamped with calls. "what happened to my file?" and i really don’t think its a service providers place to do this unless you have software like aol that zips/unzips things automatically and want to cater to the computer illiterate.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  4. #4
    Senior Member
    Join Date
    May 2002
    Posts
    101
    Working for an ISP before I understand both sides of it. #1 block .exes that would stop calls from the morons that call in all day long talking about I got a virus you are my ISP and you should be cleaning them out for me. Trust me I have had plenty of those lusers. Then you get the people that know what they are doing and take precautions and we don't want someone telling us that we NEED to zip our files even though we might do this ourselves. It is a lose lose situation but ISP's always have people that are not technically savvy reviewing their operation and they are the ones that come up with this stupid stuff but to the luser it may sound like a great idea.

  5. #5
    Senior Member
    Join Date
    Jul 2003
    Posts
    217
    Not a good idea for ISPs to block exe in mail. Its gonna result in a shitload more calls by their end users. I think a better idea would be to offer the service to users and allow them to choose if they want it. Then at least you can always say that the user has signed for it and thus the exe has been blocked.

  6. #6
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    I'm with r8devil on this one..

    It's easy to configure it in a way users can select how they want their mail to be filtered..

    try procmail

    http://www.impsec.org/email-tools/pr...-security.html

    you could also use mangled ("defanged") attachment filenames,
    this could get you a lot of user calls.. but they will be safe from virii
    and will still be able to get them (damned) exe attachments..

    http://www.impsec.org/email-tools/sa...-unmangle.html

    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  7. #7
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    Tricky one that:

    - As an ISP it's generally your responsibility to provide users with a correct, working, unfiltered internet connection. Some users could consider filtering email to be a fault.
    - But of course .exes in email aren't really that useful
    - But people do send them sometimes legitimately

    If you filter exes, you may as well filter out dozens of other file types often used by worms too, and put in a rule which throws anything which looks like an mz exe away (even if it isn't called .exe)

    Ideally you'd have the filters turned on by default, and provide the user an option to turn it off.

    Also, if you do remove an attachment from an email, add a text file explaining why the attachment was removed and telling them how to get it not removed.

  8. #8
    Senior Member BrainStop's Avatar
    Join Date
    Jan 2002
    Posts
    295
    Another consideration on this one is self-extracting zipfiles.

    I sometimes send files to my parents and they are totally clueless when it comes to software. So instead of trying to explain to them what zip means, I just create a self-extracting zipfile, and tell them to double-click on it.

    (But then, I've also installed firewall and anti-virus software on their PC).

    It's a tough choice, being a service provider.

    Cheers,

    BrainStop
    "To estimate the time it takes to do a task, estimate the time you think it should take, multiply by two, and change the unit of measure to the next highest unit. Thus we allocate two days for a one-hour task." -- Westheimer's Rule

  9. #9
    I agree that blocking .exe .doc and .xls files are a mistake. We tried it briefly and quickly stopped it. I do not think, though there is anything wrong with block .pif, .vbs, .scr, and .bat from coming through. They are nonstandard for the average user to send, and those people who are sending them are technical enough that if you explained your reasoning, would agree.

    A good solution is a package like exim and create mail filters via exim. Here you can block out files with those extensions and also create custom filters for certain .exe's that you know are virii currently being sent through the internet.

    Grinler

  10. #10
    Senior Member
    Join Date
    Sep 2003
    Posts
    279
    we offer a serrvice called spamzapper, what it does is creat a folder called spam and most of the spam you receive goes there instead of your inbox. What we wanted to do is all another to it's rules that will also send the EXE's and not the message to that folder.

    When they view their message it will display a message like:

    --------------------------------------------------------------------------------------------
    Attachment May Have Contained A Virus And Was Sent To SPAM folder
    --------------------------------------------------------------------------------------------

    Would This Be A Good Idea? It Should Cut Back On The Spreand Of Most E-Mail Virii

    Or Sould We just Tell Them To Buy A Good AV w/ E-mail Protection?
    AntiOnline Quick Forum Version 2b Click Here
    10010101000000110010001100111

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •