[Milsurplus] Everyone Should Check

Steve Harrison [email protected]
Sat, 05 Oct 2002 14:25:45 +0000 

At 08:34 AM 10/5/2002 -0500, you wrote:
>Nowadays, with Klex and Bugbear and the like, you really
>need to make sure that the sender _intended_ to send the
>attachment before you even consider opening it. And even 
>then, it's good to have an AV tool with current signatures
>checking all your mail before you read it. 
>
>Or you can do as I do, and run a *nix, *nux, or *BSD system,
>and not be vulnerable to the stuff. 

I received a message from someone who's e-mail addy I recognized, but with
whom I've never spoken before personally. I asked him about his attachment
but still haven't received a response. So the attachment went into the bit
pit.

Another hint I've not seen anyone mention here but which has been mentioned
before, is to set your automatic file download limit to something rather
debilitating to attachments, such as 10kb to 25 kb MAXIMUM. I do this in
Eudora Lite although, because of its design, it does NOT automatically run
any downloadable attachment. When a file is too large, I get a notation
attached to the original message that the file was too large and I can
click on an icon to have Eudora download it next time it checks the mail.
Thus, I am told when something shows up. Of course, the inbox listing shows
when I get something with an attachment, too.

Most e-mailers also have a setting whether to automatically preview
messages. I suspect the ability to preview is one of the reasons why so
many insist upon continuing to use such as Outlook and even Netscape's
Communicator. But that preview feature will automatically run attachments,
not merely let you peek at a message. Some folks just don't seem to
understand this and stoichally believe as long as they don't actually open
the message, it won't run. WRONG.

As usual, one of the best protections is to GET RID OF ANY AND ALL
HTML-TYPE E-MAILERS. There's really nothing whatsoever that cannot be said
in any e-mail just as well when in plain text. Get yourself something like
Eudora Lite, Pegasus, Pine, or whatever, and USE it.

Steve, K0XP