[sdiy] Re: Snowhite and the Seven Dwarfs - The REAL story!

Magnus Danielson cfmd at swipnet.se
Sat Feb 10 03:10:29 CET 2001 

From: Drew Smith <drew at pctc.com>
Subject: Re: [sdiy] Re: Snowhite and the Seven Dwarfs - The REAL story!
Date: Fri, 09 Feb 2001 08:17:03 -0800

> "J. Larry Hendry" wrote:
> > 
> > I don't know if me getting this was associated to any of the lists I belong
> > to, but I got a mail under this category with a very suspicious looking .exe
> > file attached, and the sending address is invalid.  I do not like to pass
> > "virus" warnings.  But, this doesn't look friendly.  However, I am, so this
> > is a friendly caution.
> 
> 	Heya folks,
> 
> 	There's information about the trojan and exactly what it does to your
> system available at http://www.sexyfun.net - the emails are coming from
> a spoofed address.  The trojan itself is another one of those stupid
> Outlook worms - it opens your address list, then uses YOUR computer to
> send forged email to everyone on your list.  If you've gotten it 20+
> times in one day, then count yourself lucky, you've got a reasonably
> large, tight-knit group of friends!
> 
> 	Mailserver admins - why are your mailservers still accepting executable
> attachments?  .exe, .com, .bat, .vbs, .scr - any mail with those kinds
> of attachments should be bounced with a message telling the sender
> exactly *why* - a few of these trojans don't let you know anything is
> wrong, but attach themselves to the bottom of all outgoing mail...

I have considered the same thing, and then also a come up with a
potential trouble and a solution to that. This is how it goes:

Luser: When I try to send a file to a friend the email bounces. Why is
       that?

BOFH: What type of file is it?

Luser: Oh, I just want to send him this neat program...

BOFH: So, you are trying to send him a .EXE file, arn't you?

Luser: Eh, yes... I guess so...

BOFH: But no such files may be sent as attachments to emails!!!

Luser: But... then I can't send him it...

BOFH: Sure you can... just ZIP it up and send the ZIP...

Luser: But then I don't understand, then I can send him the file, I
       don't get it...

BOFH: Sigh... yes, you can send him the file, but only if you wrap it
      into a format such that the file will not automatically execute
      when reveived.

So, blocking such files should be feasable... 

Oh, sorry for making BOFH so user-friendly, I'll make it up till next time.

Cheers,
Magnus

More information about the Synth-diy mailing list