From owner-freebsd-questions@freebsd.org Wed Mar 23 16:32:09 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A53F4ADBC08 for ; Wed, 23 Mar 2016 16:32:09 +0000 (UTC) (envelope-from feenberg@nber.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 8F9A41883 for ; Wed, 23 Mar 2016 16:32:09 +0000 (UTC) (envelope-from feenberg@nber.org) Received: by mailman.ysv.freebsd.org (Postfix) id 8EAA5ADBC07; Wed, 23 Mar 2016 16:32:09 +0000 (UTC) Delivered-To: questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8C020ADBC06 for ; Wed, 23 Mar 2016 16:32:09 +0000 (UTC) (envelope-from feenberg@nber.org) Received: from mail2.nber.org (mail2.nber.org [198.71.6.79]) by mx1.freebsd.org (Postfix) with ESMTP id 3578D1880 for ; Wed, 23 Mar 2016 16:32:08 +0000 (UTC) (envelope-from feenberg@nber.org) Received: from sas1.nber.org (sas1.nber.org [198.71.6.89]) by mail2.nber.org (8.15.2/8.14.9) with ESMTPS id u2NGViV0082385 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 23 Mar 2016 12:31:44 -0400 (EDT) (envelope-from feenberg@nber.org) Date: Wed, 23 Mar 2016 12:31:44 -0400 (EDT) From: Daniel Feenberg To: Valeri Galtsev cc: Wayne Sierke , Olivier Nicole , questions@freebsd.org, krad Subject: Re: [Phishing]Re: Anti-virus for FreeBSD In-Reply-To: <62985.128.135.52.6.1458748953.squirrel@cosmo.uchicago.edu> Message-ID: References: <1458712914.1578.37.camel@au.dyndns.ws> <62985.128.135.52.6.1458748953.squirrel@cosmo.uchicago.edu> User-Agent: Alpine 2.20 (LRH 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-KLMS-Rule-ID: 1 X-KLMS-Message-Action: clean X-KLMS-AntiSpam-Status: not scanned, disabled by settings X-KLMS-AntiSpam-Interceptor-Info: not scanned X-KLMS-AntiPhishing: Clean, 2016/03/21 09:45:52 X-KLMS-AntiVirus: Kaspersky Security 8.0 for Linux Mail Server, version 8.0.1.721, bases: 2016/03/23 09:07:00 #7319446 X-KLMS-AntiVirus-Status: Clean, skipped X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Mar 2016 16:32:09 -0000 On Wed, 23 Mar 2016, Valeri Galtsev wrote: > > Partly to toss some more fuel into the fire ;-) and partly to discourage > too harsh judgement of "some anti-vurus software not catching some > viruses" (or should I say virii as a plural of Latin word virus?) > > First of all, the whole anti-virus approach is fundamentally flawed. In > fact, you can not enumerate bad (what anti-virus is trying to do). You > only can enumerate good and prohibit everything else. So, don't be too > harsh on those [anti-viruses] that miss some of evil things sometimes: > remember, they are trying to do the task that is fundamentally flawed. > Is there a package out there that would block all email messages with binary executable content? I understand that pdf and word files may contain executable code - the package would have to be able to distinguish such files with executable code and those without. (Is that possible)? For us, that would be a satisfactory substitute for Kaspersky, perhaps even a superior one. daniel feenberg