On Tue, 2004-03-02 at 13:45, Tom Knight wrote:
-----Original Message----- From: Ray Leach [mailto:raymondl@knowledgefactory.co.za] Sent: 02 March 2004 11:19 To: SuSE Security Subject: Re: [suse-security] FSCKING VIRII
Why not just stop using M$ Outbreak and Exchange? Outbreak is the only client that is propagating these virii ...
This was a generalisation ....
Point 1: Arjan isn't using Outlook, check the headers ;-) Point 2: Outlook isn't the only MUA that propagates these worms. Bagle (for example) uses its own smtp engine and relies on a (stupid) user opening an attachment. The only reliance is use of Windows and lack of virus awareness. Yes, let's start a virus training school ....
Point 3: In the "real world" people have to battle an awful lot to dump Outlook and Exchange (think corporate investment), and until that's done they may still have to support these programs.
So, if they start planning their migration to the 'new and better' MTA and MUA to coincide with the extinction of there precious 'corporate investment', then they have nothing to lose (except maybe a whole lot of virii). Does it actually make (business) sense to keep a product that is falling behind all the time and to continually 'have' to spend more money on supporting products and resources to 'protect the corporate investment'? That's like flushing your money down the toilet in hopes that one day it will all come back out at you ...
On the other hand... Something is stripping the viral attachment from these messages, why can't it just dump the entire message?
Agreed, but then we would have to agree on what attachments (if any) to allow to the list, or was it which ones to dump ...?
HTH,
Tom. -- -- Raymond Leach <raymondl@knowledgefactory.co.za> Network Support Specialist http://www.knowledgefactory.co.za "lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import" Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28 --