"Cisco Release Of Goner Worm Raises Eyebrows" (Newsbytes)

Talk about a slow news day.

http://www.newsbytes.com/news/01/172978.html

He does bring up an interesting point though. Is there ANY legitimate
reason to allow ANY file attachments through nanog ml?

I can't imagine any legitimate reason for someone to send a file
attachment to EVERY single nanog ml member. A URL pointer to a file would
be far more appropriate.

-Dan

> He does bring up an interesting point though. Is there ANY legitimate
> reason to allow ANY file attachments through nanog ml?

Yet another attack on multipart/signed. Geez. ;-)

> I can't imagine any legitimate reason for someone to send a file
> attachment to EVERY single nanog ml member. A URL pointer to a file would

MIME attachments are not the problem.

The problem is people who insist on using mail software that fails to
address the security considerations of executable content.

Compounding the problem are people who insist on confusing "problems with
executable MIME attachments" with "problems with all MIME attachments
because one vendor ships a product that will execute anything that
resembles ones and zeros more than my goldfish does".

RFC822 mail is more survivable than many other communication methods,
such as telephone, web or ftp. One of the academics may be able to
tell us why (or if) that is true. A few times a decade, distributing
patches via e-mail has been an important method to reach system and
network operators during network disruptions. RFC822 mail was used
during the RTM worm attack, the BIND root change crash, and probably
a few other times to get patches out when connectivity was iffy.

Yes, but does nanog have the power to prohibit list users from using said mail
agent?

It does (should?) however, have the ability to drop/refuse attachments
(possibly over a certain size) - like Mr. Li's 54Kb gift to the list.

Methinks there is more than one way to skin this cat - but that dropping
sizable attachments is probably the path of least resistance - if the problem
at hand is seen as keeping questionable email and their payloads off the list.

Now, on the other hand, if what you really want to do is change the
world....... then maybe you're onto something. ;-)

A digital signature won't be more than a couple K in size, will it?
Not that anyone here digitally signs their messages anyhow...

isn't it easier to stick a procmail recipe into the NANOG mail system
dropping double extension files and other highly dangerous extensions,
such as .scr, .lnk, .com, .dll, .pif and others???

Also, for a low volume server, this should be a good choice:
http://www.impsec.org/email-tools/sanitizer-intro.html

"Steven J. Sobol" wrote:

> > address the security considerations of executable content.
>
> Yes, but does nanog have the power to prohibit list users from using said mail
> agent?
>
> It does (should?) however, have the ability to drop/refuse attachments
> (possibly over a certain size) - like Mr. Li's 54Kb gift to the list.

> A digital signature won't be more than a couple K in size, will it?

I'd hope not - but thus the reason to drop only attachments over a
certain size - (3k? 5k?) - to allow digital sig's, but can everything else.

Of course, if someone's digital signature is larger than 5Kb.... I
wouldn't mind dropping it anyway ;-)

Or, possibly, just drop the "large" attachments, but allow the
associated message?

[snip]

> A digital signature won't be more than a couple K in size, will it?
> Not that anyone here digitally signs their messages anyhow...

I beg to differ ... :-)

Well.. that's closer than trying to restrict it based on size.

It's still wrong though, because the filtering *should* be done based on
the MIME type. Of course, the whole *problem* here is that malware is
able to wave its little digital arms, hop up and down, and say:

"I'm a text/plain called whoops.exe - of course it's safe to run me,
who ever heard of a malicious text/plain?!"

Personally, I'd recommend a controlled burn, except that we've been having one
every 2 weeks already.
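
The filtering policy argued over in this thread, as an added Python example (not code from any list member or from the NANOG list software): parts are dropped by filename, covering the extensions named above and double extensions, the declared MIME type is reported but not trusted, and no size limit is applied, so a detached signature passes. The function names and the sample message are constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions named in the thread, plus .exe from the "whoops.exe" remark.
RISKY_EXT = {"scr", "lnk", "com", "dll", "pif", "exe"}
# Two stacked extensions, e.g. photo.jpg.pif. This also matches benign names
# such as archive.tar.gz, so a list policy would need its own exceptions.
DOUBLE_EXT = re.compile(r"\.[a-z0-9]{2,4}\.[a-z0-9]{2,4}$")


def check_part(part):
    """Return the reasons a single MIME part should be dropped (empty = keep)."""
    name = (part.get_filename() or "").strip().lower()
    reasons = []
    ext = name.rsplit(".", 1)[-1] if "." in name else ""
    if ext in RISKY_EXT:
        # The declared Content-Type is reported but never trusted.
        reasons.append(f".{ext} file declared as {part.get_content_type()}")
    if DOUBLE_EXT.search(name):
        reasons.append("double extension")
    return reasons


def scan_message(raw_bytes):
    """Parse a raw message and map each offending filename to its reasons."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    verdicts = {}
    for part in msg.walk():
        reasons = [] if part.is_multipart() else check_part(part)
        if reasons:
            verdicts[part.get_filename()] = reasons
    return verdicts


def build_sample():
    """Constructed test message: body, two bad attachments, one signature."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    msg.add_attachment("not really text", subtype="plain", filename="whoops.exe")
    msg.add_attachment(b"\x00" * 16, maintype="application",
                       subtype="octet-stream", filename="photo.jpg.pif")
    msg.add_attachment(b"sig" * 700, maintype="application",
                       subtype="pgp-signature", filename="signature.asc")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, why in scan_message(build_sample()).items():
        print(name, "->", "; ".join(why))
```

The signature part here is a plain attachment standing in for the second part of a multipart/signed message; it passes because nothing in the check depends on size or on the mere presence of an attachment.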