[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] ID wwywxugwisi... thanks

Michel Messerschmidt wrote:

A better idea is to enforce the list policy and remove attachments from all
messages to the list. Beside reducing the confusion about infected subscribers
it avoids the problem that some mail archives preserve such infected
attachments for a long time.

i would not like to remove all attachments, sometimes ppl post configs
etc. or maybe a png about a network topology. Such things should not
get removed. Besides from that, i would more like if ppl would learn
not to click on every shit in an email. As this is a securty list (and
for linux!) ppl should be able to see that such messages are not
harmful. It also makes it possible to 'early detect' new virus and
you can take care of your users. I know that not all ppl reading
this lists are security professionals, but, i love you etc. is more
than 5 years old, isn't it? and the same shit still works? nah, ppl
really should start to learn. If ppl wanna do security, then this
is one of the first things to learn (and learn to teach others not
to do). Archiving such things is probably bad, yeah, but afaik
most archivers drop attachments which are bigger than x. If you
really want to drop attachments, then maybe just the well known
windows executables like com exe bat pif scr etc.

just my 2eurocents.


Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here