At 03:36 PM 8/24/2003, gep2(_at_)terabites(_dot_)com wrote:
On Sun, 24 Aug 2003, Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com>
wrote:
>[Mod. moved to BCP area]
>At 11:57 PM 8/23/2003, gep2(_at_)terabites(_dot_)com wrote:
>>On Sat, 23 Aug 2003, Kee Hinckley <nazgul(_at_)somewhere(_dot_)com> wrote:
>> >At 1:01 PM -0500 8/23/03, gep2(_at_)terabites(_dot_)com wrote:
>> >>Most of these recipients who allowed this worm to infect their
>> >>computer probably
>> >>would NOT have had authorized those senders to send attachments at
all, let
>> >>alone EXECUTABLE attachments.
>> >The fact that they are so used to getting attachments that they click
>> >on one without thinking would seem to indicate otherwise.
>>Most of them are probably used to getting image or text attachments, or WAV
>>files maybe, and never dream that these are executable program (or
>>probably even
>>how to tell the difference).
>>I still contend that most users would have a VERY small number of senders
>>authorized to send the executable attachments, and thus would be spared the
>>angst of most of these worms and viruses.
>This is best addressed within the BCP area. Would anyone like to volunteer?
What are you asking us to volunteer to do? I'd like to help, although my
time
is limited (and unfortunately I've not got a salary to count on keeping the
bills paid...)
There is an existing RFC on BCPs for mail admins, RFC 2505,
(http://www.ietf.org/rfc/rfc2505.txt). It needs to be updated. There are
also various other documents in that area like BCPs for end-users. What I
am asking is for someone to take charge of this area and start working on
some documents. And even if you do not have the time to collaborate, you
can give some time to review the documents and comments on them, with
others who have ample more time to actually write them.
Yakov
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg