Gmail to block more file attachments

How does gmail handle for example a legitimate .nzb file renamed to another file extension? Will it be clever enough to scan the content and ascertain that it is indeed .nzb content inside or will it simply pass over it if you were to rename it to for instance .doc and then send it?
 
wabbit16 said:
How does gmail handle for example a legitimate .nzb file renamed to another file extension? Will it be clever enough to scan the content and ascertain that it is indeed .nzb content inside or will it simply pass over it if you were to rename it to for instance .doc and then send it?
Click to expand...

Why does google take umbrage with a simple text file like a NZB? :confused:

EDIT: just tested and they don't... so yeah, even more confused now.
 
Last edited:
bwana said:
Why does google take umbrage with a simple text file like a NZB? :confused:

EDIT: just tested and they don't... so yeah, even more confused now.
Click to expand...

His question is more like what happens if you. for example, rename a exe file to use a pdf extension and then send it, to rename it back later.

I've done that to bypass restrictions on exchange servers but never tried on gmail.
 
supersunbird said:
His question is more like what happens if you. for example, rename a exe file to use a pdf extension and then send it, to rename it back later.

I've done that to bypass restrictions on exchange servers but never tried on gmail.
Click to expand...

That's something that gets my goat. Bloody banks are the worst with this.

First they have size restrictions so you can't send a decent sized PDF containing a whole bunch of legal documentation (you would think a bank would understand that people need to sometimes send them 100 page long documents), then you try compress it but your email gets bounced because .zip isn't accepted or hasn't been able to compress it enough.

All the while I'm getting it in the ear from my accountant because she is in no way technical enough to even understand what's happening (not that she would even be able to try fix it on her own either) but she is being put under pressure by our ops director who is being put under pressure by, generally, our various landlords. So an important business process gets held up because we cannot send a simple email.

And no, the company doesn't have a cloud based solution. Of course I can use my own personal one to hack a solution, but damn is that not irritating!

Sorry, rant over :)
 
FoXtroT said:
That's something that gets my goat. Bloody banks are the worst with this.

First they have size restrictions so you can't send a decent sized PDF containing a whole bunch of legal documentation (you would think a bank would understand that people need to sometimes send them 100 page long documents), then you try compress it but your email gets bounced because .zip isn't accepted or hasn't been able to compress it enough.

All the while I'm getting it in the ear from my accountant because she is in no way technical enough to even understand what's happening (not that she would even be able to try fix it on her own either) but she is being put under pressure by our ops director who is being put under pressure by, generally, our various landlords. So an important business process gets held up because we cannot send a simple email.

And no, the company doesn't have a cloud based solution. Of course I can use my own personal one to hack a solution, but damn is that not irritating!

Sorry, rant over :)
Click to expand...

Don't get me started about 300mb or similar mailbox size limits.
 
supersunbird said:
His question is more like what happens if you. for example, rename a exe file to use a pdf extension and then send it, to rename it back later.

I've done that to bypass restrictions on exchange servers but never tried on gmail.
Click to expand...
Try to send renamed DAZ Windows 7 Loader, you will see. They scan files for specific signatures like antivirus programs do, but their targets are not viruses, but some specific legitimate programs, so I gather they are getting paid for it. They also reject files based on filename. So if you want send such files, rename it, then encrypt with password.
 
Last edited:
Most intelligent scanners will look at the mail headers - so renamed files will be dropped. A lot of corporates will also block attachments that cannot be scanned (ie password protected archives)
 
So just add .txt, should solve the problem. This is getting ridiculous with gmail blocking more and more stuff. Years ago I uploaded some files as attachments. When I wanted to download them again it didn't allow it because gmail couldn't scan my custom extensions. I had to use a workaround by downloading the complete email. Then I found you can back them up and use a mail reader.
 
So Gmail will use a version of MIME sniffing along with heuristic and other virus scanning methods to figure out the file contents regardless of file extension in addition to blocking certain file extensions from the get-go?
 
gregmcc said:
Most intelligent scanners will look at the mail headers - so renamed files will be dropped. A lot of corporates will also block attachments that cannot be scanned (ie password protected archives)
Click to expand...
1. Renamed files, yes. Original filename is still embedded in EXE header of the file. The way to hide original filename is to rename it before encrypting. If you don't rename the file, filename is shown in the archive header in unencrypted form.

2. Password protected archives. There are two considerations:

2.1. Indication in headers that archive is password protected. Companies can simply detect it. Find compressor which do not give such information.

2.2. Wrong checksum when incorrect password is entered. ZIP does it, it is wrong. There are compressors which will decompress gubberish when using wrong password and will not report password errors. They still have checksum, but this checksum is created after encryption is applied. I think arj or lha works that way.
 
Any email that sends me a purported PDF file inside a zip file will get deleted outright

Same goes for emails from strangers that ask me to open a zip file and do something with the contents.

Also password-locked zipped files that I'm supposed to unzip with the supplied password...

I'm not that daft.
 
Last edited:
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X