Xnet now forbids sending executable files as email attachments.

Discussion in 'NZ Computing' started by John S, Sep 17, 2009.

  1. John S

    John S Guest

    Tried to send out a class manual to a Seniornet group yesterday, with an
    attached file (zip archive containing a couple of executables).

    I've previously sent this to several Seniornets without problems, but this
    time the transmission is blocked by Xnet (at least I think it's Xnet - the
    bounce message is from ), with the following
    message:-

    ***************
    "BANNED message from you (multipart/mixed | application/(with a list of the
    files in the archive)
    ......
    In the body of the message it goes on to say:-

    Delivery of the email was stopped!

    The message has been blocked because it contains a component
    (as a MIME part or nested within) with declared name
    or MIME type or contents type violating our access policy.

    To transfer contents that may be considered risky or unwanted
    by site policies, or simply too large for mailing, please consider
    publishing your content on the web, and only sending an URL of the
    document to the recipient.

    Depending on the recipient and sender site policies, with a little
    effort it might still be possible to send any contents (including
    viruses) using one of the following methods:

    - encrypted using pgp, gpg or other encryption methods;

    - wrapped in a password-protected or scrambled container or archive
    (e.g.: zip -e, arj -g, arc g, rar -p, or other methods)

    Note that if the contents is not intended to be secret, the
    encryption key or password may be included in the same message
    for recipient's convenience.

    We are sorry for inconvenience if the contents was not malicious.

    The purpose of these restrictions is to cut the most common propagation
    methods used by viruses and other malware. These often exploit automatic
    mechanisms and security holes in more popular mail readers (Microsoft
    mail readers and browsers are a common target). By requiring an explicit
    and decisive action from the recipient to decode mail, the danger of
    automatic malware propagation is largely reduced.
    *****************

    I think I got round the problem, and sent the message again this evening,
    but it's coming to some state of affairs when you can't go about your
    legitimate business and use the internet without being shackled by this
    kind of restriction.

    Any other ISPs doing this?

    Cheers,

    John S
     
    John S, Sep 17, 2009
    #1
    1. Advertising

  2. In message <>, John S wrote:

    > I've previously sent this to several Seniornets without problems, but this
    > time the transmission is blocked by Xnet (at least I think it's Xnet - the
    > bounce message is from ) ...


    It's probably not them then, but the ISP for one or more of your recipients.
    To confirm this, we'd need to check the message headers.

    > ... but it's coming to some state of affairs when you can't go about your
    > legitimate business and use the internet without being shackled by this
    > kind of restriction.


    Yeah, it's really bothersome that I can't use the road without having to
    watch out for other id^H^Hdrivers.

    Why are you trying to e-mail executables anyway? Do you digitally sign your
    messages? If not, how do your recipients know to trust the message?
     
    Lawrence D'Oliveiro, Sep 17, 2009
    #2
    1. Advertising

  3. John S

    EMB Guest

    Lawrence D'Oliveiro wrote:
    > In message <>, John S wrote:
    >
    >> I've previously sent this to several Seniornets without problems, but this
    >> time the transmission is blocked by Xnet (at least I think it's Xnet - the
    >> bounce message is from ) ...

    >
    > It's probably not them then, but the ISP for one or more of your recipients.
    > To confirm this, we'd need to check the message headers.


    You're a fuckwit Larry, wxnz.net *is* Xnet.
     
    EMB, Sep 17, 2009
    #3
  4. John S

    EMB Guest

    John S wrote:
    >
    > I think I got round the problem, and sent the message again this evening,
    > but it's coming to some state of affairs when you can't go about your
    > legitimate business and use the internet without being shackled by this
    > kind of restriction.
    >
    > Any other ISPs doing this?


    I'm unsure about ISPs but most businesses running their own mail servers
    do it. And they tend to do it much more effectively - encrypted or
    password protected files that cannot be checked are stopped. A lot of
    the content filters can be fooled by changing the file extension from
    exe to txt. Send a txt2exe.bat file out as well to undo the change and
    Robert is your mother's brother.

    IME Xnet are amenable to making changes if you can justify it - if you
    ask they may add you to a whitelist of approved senders who bypass the
    content filtering.

    It might be just as easy to set up your own mail server at SeniorNet and
    use that. Something like Mailenable is free and works well.
    http://www.mailenable.com
     
    EMB, Sep 17, 2009
    #4
  5. In message <h8t2b1$fs5$>, EMB wrote:

    > ... if you ask they may add you to a whitelist of approved senders who
    > bypass the content filtering.


    Spot the security n00b.
     
    Lawrence D'Oliveiro, Sep 17, 2009
    #5
  6. John S

    greg Guest

    Lawrence D'Oliveiro wrote:
    > In message <h8t2b1$fs5$>, EMB wrote:
    >
    >> ... if you ask they may add you to a whitelist of approved senders who
    >> bypass the content filtering.

    >
    > Spot the security n00b.



    spot the tosspot dick head, hint his name is lawrence (this hint is for
    you larry)
     
    greg, Sep 17, 2009
    #6
  7. John S

    EMB Guest

    Lawrence D'Oliveiro wrote:
    > In message <h8t2b1$fs5$>, EMB wrote:
    >
    >> ... if you ask they may add you to a whitelist of approved senders who
    >> bypass the content filtering.

    >
    > Spot the security n00b.


    Not at all Larry. It is perfectly normal mail admin practise at both
    enterprise and ISP level to relax content filtering rules for users who
    can show a legitimate need for such to happen.

    With the attitude to security shown above you're obviously the n00b.
    Contrary to what you expound security isn't about seeing how many users
    you can inconvenience, it's about the safety and integrity of systems
    and data, and the ongoing efficiency of those systems. As such it is
    normal practise to add exceptions for which a valid business case can be
    made. eg Xnet unblock port 25 upon request.

    As an aside Larry, have you ever administered an enterprise level mail
    system, or even any enterprise level system?
     
    EMB, Sep 17, 2009
    #7
  8. In message <h8u39l$r2t$>, EMB wrote:

    > Lawrence D'Oliveiro wrote:
    >
    >> In message <h8t2b1$fs5$>, EMB wrote:
    >>
    >>> ... if you ask they may add you to a whitelist of approved senders who
    >>> bypass the content filtering.

    >>
    >> Spot the security n00b.

    >
    > It is perfectly normal mail admin practise at both
    > enterprise and ISP level to relax content filtering rules for users who
    > can show a legitimate need for such to happen.


    Except that with e-mail, anybody can pretend to be any sender.
     
    Lawrence D'Oliveiro, Sep 17, 2009
    #8
  9. John S

    John S Guest

    On Thu, 17 Sep 2009 22:17:17 +1200, EMB wrote:

    > John S wrote:
    >>
    >> I think I got round the problem, and sent the message again this evening,
    >> but it's coming to some state of affairs when you can't go about your
    >> legitimate business and use the internet without being shackled by this
    >> kind of restriction.
    >>
    >> Any other ISPs doing this?

    >
    > I'm unsure about ISPs but most businesses running their own mail servers
    > do it. And they tend to do it much more effectively - encrypted or
    > password protected files that cannot be checked are stopped. A lot of
    > the content filters can be fooled by changing the file extension from
    > exe to txt. Send a txt2exe.bat file out as well to undo the change and
    > Robert is your mother's brother.
    >
    > IME Xnet are amenable to making changes if you can justify it - if you
    > ask they may add you to a whitelist of approved senders who bypass the
    > content filtering.
    >
    > It might be just as easy to set up your own mail server at SeniorNet and
    > use that. Something like Mailenable is free and works well.
    > http://www.mailenable.com


    Thanks for the suggestion. The method I used was to change the extension,
    then explain in the email how to edit the file name at the other end.
    The modified email didn't bounce, so at this stage I assume it got through
    alright.

    Cheers,

    John S
     
    John S, Sep 18, 2009
    #9
  10. John S

    EMB Guest

    Lawrence D'Oliveiro wrote:
    > In message <h8u39l$r2t$>, EMB wrote:
    >
    >> Lawrence D'Oliveiro wrote:
    >>
    >>> In message <h8t2b1$fs5$>, EMB wrote:
    >>>
    >>>> ... if you ask they may add you to a whitelist of approved senders who
    >>>> bypass the content filtering.
    >>> Spot the security n00b.

    >> It is perfectly normal mail admin practise at both
    >> enterprise and ISP level to relax content filtering rules for users who
    >> can show a legitimate need for such to happen.

    >
    > Except that with e-mail, anybody can pretend to be any sender.


    Authenticated SMTP?
     
    EMB, Sep 18, 2009
    #10
  11. John S

    Enkidu Guest

    Lawrence D'Oliveiro wrote:
    > In message <h8t2b1$fs5$>, EMB wrote:
    >
    >> ... if you ask they may add you to a whitelist of approved senders who
    >> bypass the content filtering.

    >
    > Spot the security n00b.
    >

    Hehehehehehehehehehehehehehehe!

    --

    The Internet is interesting in that although the nicknames may change,
    the same old personalities show through.
     
    Enkidu, Sep 18, 2009
    #11
  12. In message <1ux1cdfmkta4c$>, John S wrote:

    > The method I used was to change the extension, then explain in the email
    > how to edit the file name at the other end.


    How are your recipients supposed to know the message really comes from you?
     
    Lawrence D'Oliveiro, Sep 19, 2009
    #12
  13. John S

    John S Guest

    On Sat, 19 Sep 2009 11:45:01 +1200, Lawrence D'Oliveiro wrote:

    > In message <1ux1cdfmkta4c$>, John S wrote:
    >
    >> The method I used was to change the extension, then explain in the email
    >> how to edit the file name at the other end.

    >
    > How are your recipients supposed to know the message really comes from you?


    Maybe it's the subtle nuances in the way I compile my messages?

    After all, everyone seems to be able to spot the posts that come from
    Woger, (regardless of the nym used) so maybe people can just read between
    the lines :)

    Cheers,

    John S
     
    John S, Sep 20, 2009
    #13
  14. In message <162hn591aydx5.1guey9y175pb$>, John S wrote:

    > On Sat, 19 Sep 2009 11:45:01 +1200, Lawrence D'Oliveiro wrote:
    >
    >> In message <1ux1cdfmkta4c$>, John S wrote:
    >>
    >>> The method I used was to change the extension, then explain in the email
    >>> how to edit the file name at the other end.

    >>
    >> How are your recipients supposed to know the message really comes from
    >> you?

    >
    > After all, everyone seems to be able to spot the posts that come from
    > Woger ...


    Distinctive as his (lack of) writing style may be, he's never asked anyone
    here to accept executable attachments.
     
    Lawrence D'Oliveiro, Sep 20, 2009
    #14
  15. John S

    Sailor Sam Guest

    Allistar wrote:
    > John S wrote:
    >
    >> On Thu, 17 Sep 2009 22:17:17 +1200, EMB wrote:
    >>
    >>> John S wrote:
    >>>> I think I got round the problem, and sent the message again this
    >>>> evening, but it's coming to some state of affairs when you can't go
    >>>> about your legitimate business and use the internet without being
    >>>> shackled by this kind of restriction.
    >>>>
    >>>> Any other ISPs doing this?
    >>> I'm unsure about ISPs but most businesses running their own mail servers
    >>> do it. And they tend to do it much more effectively - encrypted or
    >>> password protected files that cannot be checked are stopped. A lot of
    >>> the content filters can be fooled by changing the file extension from
    >>> exe to txt. Send a txt2exe.bat file out as well to undo the change and
    >>> Robert is your mother's brother.
    >>>
    >>> IME Xnet are amenable to making changes if you can justify it - if you
    >>> ask they may add you to a whitelist of approved senders who bypass the
    >>> content filtering.
    >>>
    >>> It might be just as easy to set up your own mail server at SeniorNet and
    >>> use that. Something like Mailenable is free and works well.
    >>> http://www.mailenable.com

    >> Thanks for the suggestion. The method I used was to change the extension,
    >> then explain in the email how to edit the file name at the other end.
    >> The modified email didn't bounce, so at this stage I assume it got through
    >> alright.

    >
    > One thing about Windows that amuses/confuses me is that it still seems to
    > rely on a (normally) 3 character file extension to tell what the file is,
    > and what application opens it. There doesn't seem to be any kind of mime
    > type database as there is with KDE/Gnome.


    Fucking newbies.
    man 5 magic
     
    Sailor Sam, Sep 25, 2009
    #15
  16. John S

    Sailor Sam Guest

    Sailor Sam wrote:
    > Allistar wrote:
    >> John S wrote:
    >>
    >>> On Thu, 17 Sep 2009 22:17:17 +1200, EMB wrote:
    >>>
    >>>> John S wrote:
    >>>>> I think I got round the problem, and sent the message again this
    >>>>> evening, but it's coming to some state of affairs when you can't go
    >>>>> about your legitimate business and use the internet without being
    >>>>> shackled by this kind of restriction.
    >>>>>
    >>>>> Any other ISPs doing this?
    >>>> I'm unsure about ISPs but most businesses running their own mail
    >>>> servers
    >>>> do it. And they tend to do it much more effectively - encrypted or
    >>>> password protected files that cannot be checked are stopped. A lot of
    >>>> the content filters can be fooled by changing the file extension from
    >>>> exe to txt. Send a txt2exe.bat file out as well to undo the change and
    >>>> Robert is your mother's brother.
    >>>>
    >>>> IME Xnet are amenable to making changes if you can justify it - if you
    >>>> ask they may add you to a whitelist of approved senders who bypass the
    >>>> content filtering.
    >>>>
    >>>> It might be just as easy to set up your own mail server at SeniorNet
    >>>> and
    >>>> use that. Something like Mailenable is free and works well.
    >>>> http://www.mailenable.com
    >>> Thanks for the suggestion. The method I used was to change the
    >>> extension,
    >>> then explain in the email how to edit the file name at the other end.
    >>> The modified email didn't bounce, so at this stage I assume it got
    >>> through
    >>> alright.

    >>
    >> One thing about Windows that amuses/confuses me is that it still seems to
    >> rely on a (normally) 3 character file extension to tell what the file is,
    >> and what application opens it. There doesn't seem to be any kind of mime
    >> type database as there is with KDE/Gnome.

    >
    > Fucking newbies.
    > man 5 magic


    Actually I'll withdraw that on the basis that you're discussing
    something slightly different.
    The /usr/share/file/magic file is the linux equivalent of the 3
    character extension signifying a file type/association.
     
    Sailor Sam, Sep 25, 2009
    #16
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. bub.mk
    Replies:
    1
    Views:
    1,956
    Old Gringo
    Sep 29, 2004
  2. Jigsaw

    Password protection of executable files.

    Jigsaw, Feb 8, 2005, in forum: Computer Support
    Replies:
    3
    Views:
    424
    Robert Amtjip
    Feb 9, 2005
  3. blanking
    Replies:
    50
    Views:
    1,137
    El Chippy
    May 23, 2007
  4. peterwn
    Replies:
    14
    Views:
    560
  5. samsneelam
    Replies:
    0
    Views:
    1,613
    samsneelam
    Aug 28, 2008
Loading...

Share This Page