Full Disclosure mailing list archives
Re: a PGP signed mail? Has to be spam!
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 13 Nov 2003 01:51:19 +1300
Peter Moody <peter () ucsc edu> wrote:
I frequently get messages from virus filters telling me that my attachment (signature.asc) has been removed as it's thought to contain a virus. For the virus end, it'll take time for people to start coding proper virus scanners that don't recognize .asc as a virus.
Really? A virus scanner saying the .ASC "is thought to conatin a virus", or actually a "higher level" filtering mechanism "rejecting" the .ASC because the virus scanner says it is (possibly) an encrypted data block that cannot be "decrypted" and thus is "unscannable" by the scanner? A few scanners are actually that "honest" and as they effectively report an error to the higher level filtering application, that app "reasonably" rejects the message (or that part thereof). In such cases the system admins should be paying more attention to the configuration of either (or both) the higher level filter (perhaps configure it to not try to virus scan .ASC signature blocks) or the scanner's handling of such file types (perhaps exclude .ASC files from scanning if that's an option and if that is how the higher level content scanner passes the "to be scanned" file to the scanner).
As far as signed mail getting picked up by spam filters, I would think that talking to the admins would be your best bet. But again, in time spam filters will recognize that pgp signature does not equal spam.
Do you really think the clueless twats producing and/or running spam filters with such filter rules now can really get that clueful? Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- a PGP signed mail? Has to be spam! onedo (Nov 11)
- Re: a PGP signed mail? Has to be spam! Peter Moody (Nov 11)
- Re: a PGP signed mail? Has to be spam! Damian Gerow (Nov 11)
- Re: a PGP signed mail? Has to be spam! Ciro (Nov 11)
- Re: a PGP signed mail? Has to be spam! Nick FitzGerald (Nov 12)
- Re: a PGP signed mail? Has to be spam! Michael Gale (Nov 11)
- Re: a PGP signed mail? Has to be spam! Scott Taylor (Nov 11)
- Re: a PGP signed mail? Has to be spam! Michael Gale (Nov 11)
- Re: a PGP signed mail? Has to be spam! Daniel (Nov 11)
- Re: a PGP signed mail? Has to be spam! Michael Gale (Nov 11)
- Re: a PGP signed mail? Has to be spam! Steffen Kluge (Nov 11)
- Re: a PGP signed mail? Has to be spam! Michael Gale (Nov 11)
- Re: a PGP signed mail? Has to be spam! Chris Ruvolo (Nov 12)
- Re: PGP signed mail? Has to be spam! onedo (Nov 12)
- Re: PGP signed mail? Has to be spam! Shawn McMahon (Nov 13)
- Re: a PGP signed mail? Has to be spam! Peter Moody (Nov 11)