Banning Emailed Executables
from the stick-with-not-executing-files dept
The latest tactic in stopping emailed virus attacks is to stop letting a mail server pass on emailed executables. MIT is apparently rejecting all such messages. Of course, the virus writers will quickly figure out a social engineering trick around this, and will try to get people to download the executable from somewhere else. Besides, there certainly are cases where it does make sense to email an executable, and suddenly people are going to need to figure out a way around that block.
Comments on “Banning Emailed Executables”
This by you is news?
Most corporations have been doing this for YEARS. There are alternatives, called the web/FTP/etc for transferring executable binaries. When e-mail worms try to use secondary distributors for the executable code the infection can be stopped by killing that secondary source(s). Such worms have already been stopped this way, whereas the pure e-mail ones spread because too many ISPs don’t block EXEs or even virus scan.
Blocking e-mail executables currently stops most every major e-mail infector, including new variants as they pop up. A small price to pay, and again, e-mail was not designed for trading programs in the first place.
ZIP
The standard way around this is to zip the executable files before sending them. Of course now I have started to receive emails with attached ZIP files that contain a virus. But the fight continues, because my new 2004 virus software scans the contents of zip files before the files are unzipped.
Re: ZIP
Outlook actually blocks zip files with executables or script files in them, the only real way around it is to rename the files. For example: runme.exe becomes runme.ex_
This is how we’ve been currently working around it, but it would take work to execute it.
No Subject Given
seems to me that blocking executables that won’t be executed automatically by an e-mail client is unnecessary. An individual clueless enough to execute such a file will also execute it if it arrives inside zip format.