Gmail Anti-virus

[Lazybones]

http://mail.google.com/support/bin/answer.py?answer=25760&topic=1568

How does anti-virus scanning work?

Each time you send and receive attachments, Gmail automatically scans them for viruses.



If a virus is found in an attachment you've received, our system will attempt to remove it, or clean the file, so you can still access the information it contains. If the virus can't be removed from the file, you won't be able to download it.



If a virus is found in an attachment you're trying to send, you won't be able to send the message until you remove the attachment.

Maybe Gmail will finnaly get out of beta with this feature..

[Shayne]

I doubt gmail will ever be out of beta.  Look at google news...3 years and counting!

[Thorin]

As long as its in beta, there's no business need to prove that it actually makes money for the company.



I recently tried emailing a .mdb file to myself - GMail won't accept them!  But if I rename it as a .txt file, and then rename it back when I retrieve, it works fine.  So when exactly did Google assume the right to limit what file types I send via the GMail service?  Not to mention that looking only at the file extension is a flawed determination of a file's type.

[Mr. Analog]

Some file types can be accessed by a certain crap browsers API without user interaction thanks to ActiveX integration, so by not allowing certain types of file extensions Google protects you from getting infected while using their web-based client with your OS-integrated browser of non-choice.



Now most of us Technorati are smart enough to find a plethora of ways to circumvent this minor annoyance (renaming, zipping, etc), sadly we must suffer the failings of the ignorant masses.

[Shayne]

i normally compress with rar and send files as .rar, works like a charm.

[Shayne]

Just a note, zipping an executable and sending it fails  Google must extract the file to check it.

[Thorin]

Just a note, zipping an executable and sending it fails  Google must extract the file to check it.

With "fails", do you mean it fails to send, or GMail's virus scanner fails?

[Shayne]

Fails to send.  Last-time i tried to email an exe to myself i zipped it and it said something to the effect of it being an invalid file or something.



Renaming the extention to something different would probably be easier then running a different compression over it.

[Darren Dirt]

As long as its in beta, there's no business need to prove that it actually makes money for the company.



I recently tried emailing a .mdb file to myself - GMail won't accept them!  But if I rename it as a .txt file, and then rename it back when I retrieve, it works fine.  So when exactly did Google assume the right to limit what file types I send via the GMail service?  Not to mention that looking only at the file extension is a flawed determination of a file's type.

Ditto for .XLS, IIRC. I just added .ZIP to the end of the filename, and after receiving it took off the .ZIP, no problem.



Methinks Google wants to wash its hands clean of any Microsoft-caused virus-spreading. Plus it promotes Open Source alternatives by making it a pain to attach proprietary software    (j/k)



I personally would have preferred they give you a warning -- saying "Files with the extension .XLS/.MDB may contain executable code that may cause harm etc. Still proceed? [OK] [Cancel]" or something like that.



But we all come up with workarounds to annoyances like this



- - -



In hindsight, one of the other postings reminded me: It was a ZIP file it didn't like, because it contained a .BAT file of all things... So when I renamed the .ZIP to .XLS, it was fine -- since it didn't think it was an archive containing other files, it had no need to attempt to "figure out" what files it contained

[Lazybones]

All of the above are also blocked in Outlook 2003 and in Exhcange Outlook Web Access.



Remember WINDOWS determins a file by extention, so you could almost put any typle of executible code in an .exe, .bat, .pif, .cmd ..... And windows will try to execute it if you or your browser ask.



File types such as .XLS migh render in HTML bases emails as windows uses the IE engine to render them.. Carefully crafted non valid code could be used to exicute in the browser.



Sure they are dumb filters that should ALSO have file checks on them, but its much cheaper to scan on millions of messaged than doing  a DEEP scan with a virus checker.. The CPU load is huge when that is done.

[Shayne]

This virus scanner is totally worthless.



First off the majority of files that can cause an infection (executing code) are blocked by default duing the uploading.  Secondly any creative scripting that could potentially do any harm isnt technically a virus as it wouldnt be self-propigating (unless it somehow is able to download and run executable code) and wouldnt be stopped by a virus scanner anyways do it it being just plain text.  Finally i can compress a massively infected exe inside a rar file which would pass the virus scanner (unless they uncompress it, which i doubt the uncompress every known compression type (the CPU required would be MASSIVE)).



So they will in the end be scanning files that cannot hold viruses (mp3, jpg, bmp, doc).



Am i missing something?

[Mr. Analog]

Marketing boost due to adding "value" through the apparent protection of a superfluous virus scan?



I suppose if someone were to expoit non-executable files (like that JPEG virus a while back) as trojans that Google could scan for them?

[Shayne]

Having a jpg run executable code isnt a virus, that would again be an exploit.



media such as avi, mpg, mp3, jpg, bmp etc are non-executable, they require another program to function.  If their are flaws in the systems that render/play them how would this be solved by this virus scan? PNG had a similar situation a while back with its rendering system having issues.



I suppose this would however stop viruses for people taking exe files and changing the extention to .ogg or something and sending it as the virus signature would be detectable no matter what.  However even then trying to play this .ogg in winamp wouldnt execute it, the user would need to change it back to .exe to run.



Its pure genious though as this seems to be one of the hot topics on the internet today. I commend Google for the smoke, mirrors, gulible users, and getting your name in the paper!

[Lazybones]

Email is the primary vector for infection these days.. It used to be the floppy drive, then the network share, now it's email.



Also most if not all Anti-virus software detect trojens and exploits, with Ad ware being a 3rd category ususaly covered by another product or feature pack.



As I see it any extra layers of protection are a good thing.. I use Gmail as my only personal email account, having files scanned there and after they are download to my system is a good thing as scanners depend so heavily on signatures and the protection for each vendor varies a little.



If you also take into account extensions to Gmail such as the File system project you have to start being concerned about what files people are storing and possibly sending.



As for scripts, assuming the anti virus solution is as good as the spam filter, malicious script could be blocked system wide appon discovery. Protecting a large number of users who had not yet attempted to open the file.



As for marketing.. I say its more Feature complete.. I don't know about Yahoo, but Hotmail has had virus scanning for a long time.. Not to say it works all that well but it does help reduce the spread of these things as Webmail is very popular with the less computer literate.

[Thorin]

And here goes Google, slowly slipping down the slope to Evil.  Why, if we convince you its good for you, then it really is, right?  For those of you who read /., what is the general consensus there of this feature?  Didn't take us all that long to figure out it's really not useful...