Re: [Asrg] System hijacking

Kee Hinckley <nazgul@somewhere.com> Thu, 26 June 2003 21:46 UTC

Message-Id: <p06001707bb21187938da@[192.168.1.104]>
In-Reply-To: <B0000024265@nts1.terabites.com>
References: <B0000024265@nts1.terabites.com>
To: asrg@ietf.org
From: Kee Hinckley <nazgul@somewhere.com>
Subject: Re: [Asrg] System hijacking
Date: Thu, 26 Jun 2003 17:44:02 -0400

At 3:10 PM -0500 6/26/03, gep2@terabites.com wrote:
>The great majority of senders would not need attachment permission

6% of the email to wormalert contains attachments.

Virtually all of those messages were sent to everyone in the 
recipient's address book.  (E.g. baby pictures, jokes...)

A number of email companies have based their entire business model on 
the fact that their users' email messages *always* include
attachments.

Based on those, I would guess that no major software company will 
support a proposal which blocks attachments by default.  Furthermore, 
I would expect them to fight any such proposal quite vigorously.  And 
even if they fail, and such a system is put in place, people will 
very rapidly white list every one of their close friends.  Thus
negating any benefit in fighting viruses.  (The issue with executable 
attachments isn't so much that they are accepted, but that the email 
client is fooled into thinking that they aren't executable.  If that 
bug isn't fixed, then obviously the ability to do selective blocking 
won't be there either.  Blocking at the server sounds tempting, but 
unfortunately it means trying to guess what nutty attachment syntax 
Outlook might actually recognize, as opposed to what the standards 
said they should accept.)
-- 
Kee Hinckley
http://www.messagefire.com/          Anti-Spam Service for your POP Account
http://commons.somewhere.com/buzz/   Writings on Technology and Society

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
