I had a conversation today with a staff member of my e-mail hoster, because the hoster just blocked some mails from customers of mine, because they contained ZIP files.
After I asked why the mails had been blocked, they replied that the customer had mailed me an executable zip file and because there are currently a lot of mails with trojans attached, all mails with executable zip files would be automatically blocked.
Although I know that mailing executable zips is 99% surely a trojan, I was confused. An executable (self-extracting) ZIP archive would not be a *.zip file, but must be a *.exe file, right?
I replied that to the staff and told him that – afaik – no operating system in the world would ever treat and execute a *.zip file directly as a program.
He replied that (without offence), I would have a great lack of information. I'm more or less translating from his German mail now: In different versions of MS Windows, a zip file will be directly displayed as a folder. In the current version of OS X, an attached zip file will directly be extracted.
In both cases, the zip file will be scanned for special headers with additional directives. Executable code stored there will of course be executed without asking the user for permission.
That. I was baffled. How is "displaying a list of contents of the archive" the same as extracting and executing stuff from the archive? Because he implies that's the case. And although I think auto-extracting files like Apple Mail does is an absolute no-go, this would still not execute anything. Or does it? Does that guy know more about zip files than me after working with them since forever?
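
Added example, not part of the original post and not the hoster's actual filter: a sketch of how an attachment check could tell a plain ZIP (starts with `PK`) from a self-extracting one (a program header in front of the ZIP data) and list archive members with executable extensions. The function names, the extension list and the sample archives are assumptions constructed for illustration.

```python
import io
import os
import zipfile

# Assumed list of extensions a mail filter might treat as executable.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs"}


def make_zip(entries):
    """Build a ZIP archive in memory from {name: bytes} (constructed sample data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def classify_attachment(data):
    """Return (kind, risky_names) for raw attachment bytes.

    kind is "not-zip", "zip" (plain archive) or "sfx" (a Windows program
    header in front of the ZIP data, i.e. what would normally be an .exe).
    """
    try:
        # zipfile finds the directory at the end, so prepended data is tolerated.
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        return "not-zip", []
    # A Windows program starts with "MZ"; a plain ZIP starts with "PK".
    kind = "sfx" if data[:2] == b"MZ" else "zip"
    risky = [n for n in names
             if os.path.splitext(n)[1].lower() in EXECUTABLE_EXTS]
    return kind, risky


# Constructed samples; the "MZ" prefix is placeholder bytes, not a working program.
PLAIN = make_zip({"invoice.txt": b"hello"})
WITH_EXE = make_zip({"invoice.pdf.exe": b"not a real program"})
SFX_LIKE = b"MZ" + b"\x00" * 62 + PLAIN

if __name__ == "__main__":
    for label, blob in [("plain", PLAIN), ("exe inside", WITH_EXE),
                        ("sfx-like", SFX_LIKE), ("garbage", b"hello")]:
        print(label, classify_attachment(blob))
```
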