Balancing security and usability can be an awfully challenging task. On one hand, users want to be able to do things without being bothered by the system: yes, dammit! I’m sure! Yes, I’m sure I want to open this macro-laden Excel spreadsheet from my email. On the other hand, they want the system to warn them about dangerous things: well how was I supposed to know that a “money making proogram” from my “long-lost hig schol freind” that neglected to mention her name was a virus?

Excite.com seems to have found a unique balance to security and usability. For security purposes, they simply block all “unacceptable extensions.” And then provide some helpful advise on bypassing their security feature ...

 

Date: 8 May 2007 17:02:15 -0000
From: [email protected]
To: **************@yahoo.com
Subject: failure notice
Content-Length: 50633

Hi. This is the qmail-send program at yahoo.com.

I'm afraid I wasn't able to deliver your message to the following
addresses.

This is a permanent error; I've given up. Sorry it didn't work out.

<************@excite.com>:
***.***.***.*** failed after I sent the message.
Remote host said: 550 5.7.1 Your mail was returned due to the
following: Attachment type not allowed. File "mini3.zip" has the unacceptable
extension "zip". Please try compressing your attachment or renaming the
file extension if you wish to resend.
[Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!