[Spambayes] idea for tokenizer.crack_filename change

Tim Peters tim.one@comcast.net
Thu, 19 Sep 2002 22:24:48 -0400


[Greg Ward]
> OK, when was the last time someone sent you an .exe or .vbs attachment
> that *wasn't* a virus?

Heh -- I *said* everyone would agree it was a fair characterization all
around <wink>.  In answer to the question, it was the last time Wise tried
to send me a new UNWISE32.EXE, to repair the mysterious "hey, the
uninstaller just plain vanished!" bug that started plaguing Python Windows
installations after we upgraded to Wise version 8.  Actually getting the
repaired uninstaller into my hands turned into a mini nightmare, because so
many intervening email packages were such friggin' nannies about .exe files.
In the end I got an email account just for this that didn't block them, and
then it turned out that a Windows Update patch had convinced Outlook 2000 to
refuse to let me even save an .exe attachment to disk, let alone run one.
All it would tell me is that there *was* an attachment.  This is still
considered to be "a feature"; at least Outlook 2002 has an undocumented
registry setting you can fiddle to turn off this dumbass "protection"(*).

> And if it happened tomorrow, would you actually run that attachment?
> Or delete it ASAP?

I'm not a typical user, Greg.  I somtimes run viruses just to see what they
do.  On my home box I have software to track and restore my hard drive, at
the physical block level, to what it was immediately prior to running them,
so it's not a big deal (well, at least not until a virus appears that knows
how to crack that subsystem).

> The code (and not much else!) is at elspy.sourceforge.net.

Yup!


(*) HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security

Create key Level1Remove, and set it to a semicolon-separated list of file
extensions (sans periods) you don't want Outlook 2002 to protect you from.
Outlook still won't let you run such attachments, but will let you save them
to disk then (and you can run them from there).