Lots of sites have bans on executable attachments. If you send them an .exe or .scr file, for example, the attachment will be removed from the email or the intended recipient won’t even get your email. Generally, they allowed you to send executables in .zip files. Or, put a password on the .zip file so that the virus scanner doesn’t even bother to look at it.
Of course, this is a hole. Just have your virus send out a passworded .zip file and include the password in the body of the email. Some users will still open the attachment and your virus will spread. That was my thought, anyway. The solution is to not allow any executables anywhere. You can still see filenames inside of an encrypted .zip file, so your email scanner can just look at the filenames and drop or block any executables even in the .zip file.
It seems that virus writers have finally gotten around to exploiting this. Some people are gullible enough to open anything. Evidently I’m in the addressbook of one of the most well-connected gullible people there is. Every time a new virus crops up, I get a few copies “from” well-known Perl hackers. I say “from” because, of course, the from address has been forged. Yesterday, I started getting emails that went something like this. This one is particularly clever:
Dear user of "Everybody.org" mailing system, Our main mailing server will be temporary unavaible for next two days, to continue receiving mail in these days you have to configure our free auto-forwarding service. Advanced details can be found in attached file. In order to read the attach you have to use the following password: 33803. Sincerely, The Everybody.org team http://www.everybody.org [2. application/octet-stream; MoreInfo.zip]...