RE: Anyone blocking GIF's due to new virus?

  • From: Danny <nocmonkey@xxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 1 Sep 2004 12:29:39 -0400

On Wed, 1 Sep 2004 09:09:20 -0700, John Tolmachoff (Lists)
<johnlist@xxxxxxxxxxxxxxxxxxx> wrote:
> So, why throw out the baby when the bath water is bad?
> Let's do this correctly.
> Either get software that can correctly find the message as infected with a
> virus, or software that can look at the body and see the bad stuff.
> Again, which virus is this? If you say one of the Bagles, I am going to tell
> you that the URL is an object exploit coding and if your AV software is not
> detecting it, you need to get new software.

I was mistaken; I mis-read the technical details of the
viruses/spyware. I know that GIF's are not executable, it was the
contents of the emails which had incorrect GIF extenstions attached to
the email message. So, instead of relay on the AV software to scan for
interesting stuff in the body of the message, I I thought it would be
easier to block GIF attachments at the gateway. But, as I said, I
mis-read the technical details, and this is why I wanted to ask
everyone else to see if they were going as far as I did. :)

John, which AV software checks to see if the URL leads to a malcious site?

Thank you,


Other related posts: