AW: [suse-security] ID wwywxugwisi... thanks
Hi there, just my "2cents worth" on this security related issue, which I feel can be extended to generally any type of mailing list, even those we may set up for our own networks at home or in the office:
> I would not like to remove all attachments; sometimes ppl post configs etc., or maybe a PNG of a network topology.
Actually I think that on a list that deals with security issues we should be able to come up with a solution here that could serve as an example for other lists, perhaps very specifically giving hints on how to configure a system to do similar filtering, say on lists served by majordomo. What type of attachments for example would one allow? I especially put the question this way around, because I think that's easier to define than to attempt to pinpoint everything one would want to *disallow*. Obviously one would have the option to only allow MIME type attachments and then filter out any "unwanted" types, such as HTML, mpeg and whatever else produces a headache (obviously it's a better idea to agree on what types we *will* let through than arguing the other way around, as that might end up in an endless discussion). How can one go about this project using available tools under Linux?
> Besides that, I would like it more if ppl would learn not to click on every shit in an email.
Who wouldn't. Then again, generations of EMail users have tried to educate other users about this one, and it still doesn't seem to hit home with everyone. So if you can't get what you want, accept it as a given fault you can't rectify and rather see how we can prevent these people from receiving hazardous attachments from this list in the first place - after all, if they don't think, we'll have to.
> If you really want to drop attachments, then maybe just the well-known Windows executables like com, exe, bat, pif, scr etc.
There have been terrifyingly aggressive discussions on other lists whether to allow anything but pure "text/plain" messages, so one probably can grab all of those already stated arguments and regurgitate them here as well - but in general I can follow the otherwise also abundantly practiced policy of only allowing what is absolutely necessary to fulfill a specific purpose of a system - here, to conduct a security related discussion in a meaningful way. Essentially that means: we shouldn't allow any attachment types apart from those we have specifically agreed upon here. As I said, *not* the other way around: attempting to specify what types we will *not* allow just leaves too many loopholes.
> just my 2eurocents.
Same here...
> Sven
Gerard
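The allow-list approach argued for above (agree on the few part types the list wants, drop everything else rather than enumerating what is dangerous) can be implemented with nothing but Python's standard `email` package. The following is an added example, not code from this thread, from majordomo or from the SUSE list setup. The `ALLOWED` table is a hypothetical policy a list admin might agree on, the `example.invalid` addresses and the sample post are constructed here, and the extension check per content type is an assumption of the example: it is there so that a part whose declared MIME type is on the list but whose filename says otherwise (a `.exe` labelled `image/png`) is still dropped.

```python
"""Allow-list attachment filter for a mailing list: keep only the part types
the list has agreed on and drop everything else. Added example, not code
from the suse-security thread or from majordomo; the ALLOWED table is a
hypothetical policy and the sample message is constructed here."""
from email import message_from_string, policy
from email.message import EmailMessage

# Hypothetical list policy: content type -> file extensions accepted for it.
# '' means "no filename" (an inline body). Anything not in this table is
# dropped, so HTML, executables and future surprises need no separate rule.
ALLOWED = {
    "text/plain": {"", "txt", "conf", "cfg", "log"},
    "image/png": {"png"},
}


def extension(filename):
    """Lower-case extension of a filename, '' when absent or without a dot."""
    if not filename or "." not in filename:
        return ""
    return filename.rsplit(".", 1)[1].lower()


def is_allowed(ctype, filename, allowed=ALLOWED):
    """A part passes only if its declared type is listed AND the filename's
    extension fits that type (catches e.g. a .exe labelled image/png)."""
    return ctype in allowed and extension(filename) in allowed[ctype]


def sanitize(raw, allowed=ALLOWED):
    """Parse an RFC 5322 message and rebuild it with only the allowed parts.
    Returns (new_message, kept, dropped); kept/dropped are lists of
    (content_type, filename) for the list's log or a notice to the poster."""
    msg = message_from_string(raw, policy=policy.default)
    kept_parts, kept, dropped = [], [], []
    for part in msg.walk():
        if part.is_multipart():
            continue  # multipart containers carry no payload themselves
        ctype, fname = part.get_content_type(), part.get_filename()
        if is_allowed(ctype, fname, allowed):
            kept_parts.append(part)
            kept.append((ctype, fname))
        else:
            dropped.append((ctype, fname))

    out = EmailMessage()
    for header in ("From", "To", "Subject"):
        if msg[header] is not None:
            out[header] = str(msg[header])
    # The first inline text/plain part becomes the body; the rest are re-attached.
    body = next((p for p in kept_parts
                 if p.get_content_type() == "text/plain"
                 and p.get_filename() is None), None)
    if body is not None:
        out.set_content(body.get_content())
    for part in kept_parts:
        if part is body:
            continue
        maintype, subtype = part.get_content_type().split("/", 1)
        data = part.get_content()  # str for text/*, bytes for anything else
        if maintype == "text":
            out.add_attachment(data, subtype=subtype,
                               filename=part.get_filename())
        else:
            out.add_attachment(data, maintype=maintype, subtype=subtype,
                               filename=part.get_filename())
    return out, kept, dropped


def build_sample():
    """Constructed sample post: a config file and a topology PNG (wanted),
    an HTML part and an .exe mislabelled as image/png (unwanted)."""
    m = EmailMessage()
    m["From"] = "poster@example.invalid"
    m["To"] = "list@example.invalid"
    m["Subject"] = "firewall question"
    m.set_content("Hi list, config and diagram attached.\n")
    m.add_attachment("# constructed config\nFW_DEV_EXT=eth0\n",
                     subtype="plain", filename="fw.conf")
    m.add_attachment(b"\x89PNG\r\n\x1a\n" + b"\x00" * 8,
                     maintype="image", subtype="png", filename="topology.png")
    m.add_attachment("<html><body>click me</body></html>",
                     subtype="html", filename="note.html")
    m.add_attachment(b"MZ" + b"\x00" * 6,
                     maintype="image", subtype="png", filename="patch.exe")
    return m.as_string()


if __name__ == "__main__":
    cleaned, kept, dropped = sanitize(build_sample())
    print("kept:   ", kept)
    print("dropped:", dropped)
    print(cleaned.as_string())
```

Run on the constructed post, the body, `fw.conf` and `topology.png` survive while `note.html` and the mislabelled `patch.exe` are dropped; the `dropped` list is what a list server would log or return to the poster. Adding a new permitted type means adding one entry to `ALLOWED`, which is the whole point of deciding what to let through rather than what to block.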
Jensen, Gerard