Post by HendrikRussell, am curious to know which reason you would see, in today's
"hostile" mail environment, why your mail filter would not completely
discard messages to the list that have executable (or for that matter,
any) attachments? :-)
The concept of an "executable" is operating system specific. Recipients
should be notified that an "executable" has been stripped so that they can
send the sender (where it is a legitimate file they wanted) to send it to
them some other way.
This applies to mailing lists as well. If a list manager wants to just
toss these messages into the big-bucket then it should be that list
manager and not the system that makes this choice. While I have been
pointed to programs like "stripmime", ideal would be a patch to Majordomo
(or some other mailing list manager) which put this type of feature in the
hands of the list administrator. I believe newer versions of MailMan can
do this, but I haven't spent the time to do the research.
If anyone has recommendations about such things, they are always
appreciated.
I know I'm repeating myself, but the simplest way to deal with hostile
"executables" is to:
a) Learn (and more importantly teach) safe computing practices that
include never installing programs on your computer that you don't need and
don't know the source of. People tend not to eat raw chicken that they
don't know how long it has been sitting outside in the sun or where it
came from, so why people install random programs onto their computer from
the net is beyond me.
b) Switch away from applications which automatically install programs
just by "viewing" an email. This is a fatal design flaw in this software,
contrary to the RFC's which define email attachments. Software that
violates these RFC's should not be allowed on the net at all, but
unfortunately the IETF doesn't have an enforcement arm to deal with
violations such as Microsoft Outlook.
This is not a case of blaming the victim. The victims are all of us
that get these junk messages, not the person who deliberately engaged in
acts that caused their computers to distribute these things. When that
raw-chicken-eater gets sick, they too don't receive much sympathy from me
;-)
Post by HendrikNot really: it's a rather old trick. :-) Except that it does not do much
damage any more, since subscriptions nowadays require an active
confirmation via call-back. (In that context i am puzzled how the
ever get on the list without him/her knowing it).
Sympatico.ca is the ISP of the telecom monopoly in Canada. They allow
users to choose their own addresses as long as they are unique. Likely
someone in the past using the very generic name "sale" joined the list,
they then gave up that address, and someone else requested it and got all
the mail that the old "sale" person had.
--
Russell McOrmond, Internet Consultant: <http://www.flora.ca/>
Open letters with Susan Crean http://www.flora.ca/creators/
Petition for Users' Rights http://www.digital-copyright.ca/petition/
All citizens are "rights holders"!
-
Message part of the FLORA.org HelpDesk: http://www.flora.org/flora/help/