Discussion:
Blocked my attachment
(too old to reply)
freeburn
2018-07-03 17:28:44 UTC
Permalink
Raw Message
All my accounts GMAIL !

Sending a .zip file to one of my other accounts.

GMAIL blocks it !

How do I send it ?
Ralph Fox
2018-07-03 18:13:04 UTC
Permalink
Raw Message
Post by freeburn
All my accounts GMAIL !
Sending a .zip file to one of my other accounts.
GMAIL blocks it !
See <https://support.google.com/mail/answer/6590>

Gmail does not block all .zip files. Gmail only blocks a .zip file
when the .zip file contains another file that is on Gmail's block list.

For example if the .zip file contains a .exe file, then the .zip
file would be blocked in order to block the .exe file.
Post by freeburn
How do I send it ?
A. You could remove the .exe file or other "potential security issue" file type
from inside the .zip file

B. Or, you could follow Gmail's instructions here:

1. Go to Gmail's support page for this issue
<https://support.google.com/mail/answer/6590>
2. Under "Why messages get blocked", click on
"Messages that have attachments" to expand it.
3. Read the part "What you can do".
--
Kind regards
Ralph
VanguardLH
2018-07-03 18:35:58 UTC
Permalink
Raw Message
Post by Ralph Fox
All my accounts GMAIL ! Sending a .zip file to one of my other
accounts. GMAIL blocks it !
See <https://support.google.com/mail/answer/6590>
Gmail does not block all .zip files. Gmail only blocks a .zip file
when the .zip file contains another file that is on Gmail's block list.
For example if the .zip file contains a .exe file, then the .zip
file would be blocked in order to block the .exe file.
Then rename the file before zipping it. If Google is searching on
particular filenames, even inside a .zip file, it won't get a hit if the
filename isn't on its list.

An even easier way to get around such trivial checks is to rename the
file to have a different extension, like changing file.exe to file.exx.
Possibly Google could look inside the file to see there is the 80-byte
header for an .exe file but I doubt Gmail is going beyond looking at
filetypes even inside of a .zip file. Send file.exe as file.exx and in
the body of the message tell the recipient to rename back to file.exe.

I just tested this. I copied an .exe file into my %temp% folder and
renamed it to .exx. In the Gmail webclient, I composed a new e-mail and
attached the .exx file. Not only did Gmail upload the .exx file to
attach while composing but it also sent the e-mail to my other account
with the .exx file attached.

Testing for candidate malicious files by filetype is a stupid method of
looking for executable attachments. A file can have any extension (aka
filetype) in its name whether it be .exe or .exx or something else.
Extensions are only hints at how the file might get used, not how it
must be used. Changing .exe to .exx is proof that filetype blocking is
a poor method of deterring executables from arriving via e-mail.

No need to use Google Drive to workaround simple filetype blocking.
Char Jackson
2018-07-03 22:48:50 UTC
Permalink
Raw Message
Post by VanguardLH
Testing for candidate malicious files by filetype is a stupid method of
looking for executable attachments. A file can have any extension (aka
filetype) in its name whether it be .exe or .exx or something else.
Extensions are only hints at how the file might get used, not how it
must be used. Changing .exe to .exx is proof that filetype blocking is
a poor method of deterring executables from arriving via e-mail.
Changing the extension of an executable from .exe to .exx helps to
prevent accidental launching of that executable, so in that sense it's
not stupid at all.
--
Char Jackson
VanguardLH
2018-07-04 02:48:34 UTC
Permalink
Raw Message
Post by Char Jackson
Post by VanguardLH
Testing for candidate malicious files by filetype is a stupid method of
looking for executable attachments. A file can have any extension (aka
filetype) in its name whether it be .exe or .exx or something else.
Extensions are only hints at how the file might get used, not how it
must be used. Changing .exe to .exx is proof that filetype blocking is
a poor method of deterring executables from arriving via e-mail.
Changing the extension of an executable from .exe to .exx helps to
prevent accidental launching of that executable, so in that sense it's
not stupid at all.
For filtering, yes, inane. That's what I was addressing. Renaming
executables is considerate polite to the recipient to prevent accidental
execution. Depends on the intelligence of the recipient (if you know
the recipient, that is).

Loading...