[SASAG] Spam/AV Filtering

Tres Wong-Godfrey tres at apollonian.net
Fri Sep 25 11:02:32 PDT 2009

This is OT, but relevant here, since I never saw Scott's recommendation.

Personally, I think it would be nice if the default action for replies  
on the list was to send back to the list. As most of us have much the  
same problems at one time or another, seeing what everyone's responses  
are and being able to learn from them is a decidedly Good Thing.  
Having those responses available in an archive is a Very Good Thing.

I'm okay hitting "Reply All," but it's those missing responses that  
really make me wonder how much I'm missing. To me, one of the greatest  
benefits of being on a list is being able to learn from the collective  
knowledge of the others on the list -- whether or not it's a problem  
I'm currently facing myself. Also, the public responses are a segue  
into dialogs about a given subject rooted in experience and  
understanding; they can actually enhance and deepen the understanding  
of the subject in a way that private responses can not.

If there is logic to the current configuration, I'd like to understand  

(And hopefully this isn't raising the noise level too much for  
everyone, but it's been something I've been wanting to understand for  
a while.)


On Sep 25, 2009, at 10:41 AM, <eric at kahklen.com> wrote:

> Good point.  Unfortunately it is quite a chore to keep up with every  
> Adobe
> reader update using sneaker net :)  Thanks to Scott's recommendation  
> on a
> prior post, I'll be looking into System Center Essentials to hopefully
> improve that headache :)
> Thanks,
> Eric
> On Fri, 25 Sep 2009 10:35:37 -0700, "spam at tprophet.org" <spam at tprophet.org 
> >
> wrote:
>> It's hard to block zip and pdf without getting in the way of the
>> business, even though these attachment types can carry malware. Your
>> virus wall should scan these file types before passing them along -  
>> you
>> can protect yourself beyond that by making sure users stay up to  
>> date on
>> the Adobe reader, since it's ridiculous bloatware riddled with  
>> security
>> vulnerabilities at this point. Users, in general, seem to be getting
>> more sophisticated and they can be trained to pick up the phone when
>> they're suspicious of an attachment.
>> Some attachment types are always worth blocking, though--when is the
>> last time that a legitimate .reg, .pif, .com, .exe, .cmd, .bat (to  
>> name
>> a few examples) was sent in email? :)
>> -TProphet
>> eric at kahklen.com wrote:
>>> We currently use a spam/av appliance at our gateway.  In addition,  
>>> we
>> also
>>> check for attachment types and only allow certain types such  
>>> as .doc,
>> .pdf,
>>> .xls....  At times, legitimate types such as zip files are blocked  
>>> and
>>> unfortunately there is no way to "whitelist" the sender with certain
>> file
>>> types so that they can get through to the end users mailbox.  In the
>> past,
>>> senders have renamed their attachment with a .txt file type.   
>>> Although
>> this
>>> is a convienent solution for the end user, it seems like an easy  
>>> way to
>>> circumvent the idea of attachment checking in the first place.  Do  
>>> most
>>> people still block attachment types? or do they rely on their AV
>> scanning
>>> software to quarantine/delete viruses and malware?
>>> Thanks,
>>> Eric
>>> _______________________________________________
>>> Members mailing list
>>> Members at lists.sasag.org
>>> http://lists.sasag.org/mailman/listinfo/members
> _______________________________________________
> Members mailing list
> Members at lists.sasag.org
> http://lists.sasag.org/mailman/listinfo/members

More information about the Members mailing list