Re: New changes Mike L. Varney 10 May 2004 10:59 EST

Past experience has been that not everyone has the resources to put
documents/files up on a web site, so allowing attachments has been allowed.
However, we do limit the size of the attachments (I believe the limit is
300k, because sending out 1300 copies of a large file clogs up not only our
server but our host's internet connection fro days!).

For every technological advance that's made (i.e. virus scanning or emails
at the server level), there's usually a subsequent workaround (in this
case, password protected ZIPs).  While we usually like to keep a step
ahead, sometimes the best we can do is implement changes as soon as we're
made aware of the workarounds the virus writers are implementing.

-- Mike Varney / HRI

 Patrick Brown
 <xxxxxx@OLEMISS.E        To:       xxxxxx@HRINET.ORG
 DU>                      cc:
 Sent by: Research        Subject:  Re: [RESADM-L] New changes
 Administration
 List
 <xxxxxx@HRINET.
 ORG>

 05/10/2004 11:47
 AM
 Please respond to
 Research
 Administration
 Discussion List

Thanks Mike, but what if we decided to not send attachments to the list at
all?  Instead, we could simply send links.  Just a thought.

Patrick

At 09:48 AM 5/10/2004 -0400, you wrote:
>As mentioned by my follow-up note to RESADM-L, the
>ZIP-attachment-with-a-password method is a new way of virus propogation
>which defeats enterprise-level mail server virus scanners (which cannot
>scan within the ZIP file as they normally would due to the password).  I
am
>working to block these attachments.
>
>Remember Email rule #1:  NEVER open a attachment unless you were expecting
>it.  EVEN if you know the sender!
>
>-- Mike Varney / HRI
>
>
>
>
>                       "Herbert B.
>                       Chermside"               To:       "Mike L. Varney"
> <xxxxxx@health.state.ny.us>,
>                       <xxxxxx@vcu.edu>
xxxxxx@UMRESEARCH.UMD.EDU
>                                                cc:
>                       05/10/2004 09:39         Subject:  Re: [RESADM-L]
> New changes
>                       AM
>
>
>
>
>
>
>The following message was purported to be sent through xxxxxx@HRINET.ORG
>xxxxxx@UMRESEARCH.UMD.EDU.  It contained a password (noted below by "x")
>which was deleted by some protection software in the transmission
>process.  It had two attachments, a .JPG file and a .TXT file, the latter
>of which was deleted by the same protection program; neither is contained
>in this query.
>
>Was this an intended message, or is it spam or some other malicious
>message?  If intended, is there some other way the information can be
>transmitted?  If malicious, is there any other protection that can be used
>by the listserve to prevent a repetition?
>
>Contact me at xxxxxx@vcu.edu if more information is needed.
>
>Chuck
>
>
>
>
>At 09:52 AM 5/10/2004, you wrote:
>
> >Attached file is protected with the password for security reasons.
> >Password is
> >[]
> >
> >
> >======================================================================
> >Instructions on how to use the RESADM-L Mailing List, including
> >subscription information and a web-searchable archive, are available via
> >our web site at http://www.hrinet.org (click on "Listserv Lists")
> >======================================================================
>
>Herbert B. Chermside, CRA
>Special Asst. to VP-Research
>Virginia Commonwealth University
>PO BOX 980568
>Richmond, VA  23298-0568
>Voice:  804-827-6036
>Fax     804-828-2051
>e-mail xxxxxx@vcu.edu
>
>
>======================================================================
>  Instructions on how to use the RESADM-L Mailing List, including
>  subscription information and a web-searchable archive, are available
>  via our web site at http://www.hrinet.org (click on "Listserv Lists")
>======================================================================

Patrick Brown
Director of Sponsored Programs
Administration and Communications
The University of Mississippi
P.O. Box 907
University, Mississippi 38655
phone:  662-915-7482
fax:  662-915-7577

======================================================================
 Instructions on how to use the RESADM-L Mailing List, including
 subscription information and a web-searchable archive, are available
 via our web site at http://www.hrinet.org (click on "Listserv Lists")
======================================================================

======================================================================
 Instructions on how to use the RESADM-L Mailing List, including
 subscription information and a web-searchable archive, are available
 via our web site at http://www.hrinet.org (click on "Listserv Lists")
======================================================================