Email filtering - Which file types to block

shedlord

IS-IT--Management
Jan 13, 2005
Our email scanning is run by an external company. It has been working up to a point, but due to the large amount of spam getting through they are upgrading this service. As part of this upgrade, I have been given a list of attachment file types and asked which I want them to block and which to allow.

Half of these I am pretty sure about, but I need some guidance on what some of the others are and whether they are a genuine security threat.

Here's what I have left...

Binary - encrypted

Binary - not protected

LZH compressed archive (if we allow .zip, any reason not to allow these?)

Binhex

Microsoft Compress

TNEF

Possible install shield

PEM - Privacy enhanced mail (we are allowing PGP, so why not these?)

ARJ (see LZH comment)

TAR

CMP

GZP

UUE

Apple double resource fork

Apple single

CDA

DCX

Embedded OLE Object

Embedded OLE Package

JTD

Lotus 123

MS Project - MPP

Pattern matched

XML

Win32 Unknown Executable

DWG

PPM

WMF

PCX

PKCS message



Then, is there any reason to allow any of these scripts in a business email message...

Javascript, JavascriptEncoded, Unknown Script, VBScript, VBScriptEncoded


Thanks
 
Almost anything can be a security threat of some sort. But, I entirely agree with your LZH comment - if you're going to allow .zip, then there's no reason not to also allow: LZH, ARJ, TAR, GZP and probably MS Compress.

DWG is an AutoCAD drawing file - These are passed around the internet all day long at millions of companies. I'm not aware of any security threats related to these, but that doesn't mean that one doesn't exist.

W32 unknown executable - definitely block this, I can't think of any reason to let it through.

Some of the others like XML have legitimate uses, but could be abused by some security vulnerabilities if the machines are un-patched against these vulnerabilities.

Some of the others are judgment calls. In general, block them unless there's a legitimate reason not to - I assume that you could unblock them at a later date if the need arises.
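
As an added illustration of the advice in the reply above (treat the other archive formats the same way as .zip, block Win32 executables, block anything without a reason to allow it), and not code from any poster or from the scanning provider: a Python sketch that classifies an attachment by its leading bytes rather than its file name and applies a default-block policy. The category names, the policy table and the sample byte strings are assumptions constructed for the example.

```python
import struct

# (offset, magic bytes) pairs for the archive family named in the thread.
ARCHIVE_MAGIC = [
    (0, b"PK\x03\x04"),   # ZIP
    (0, b"\x1f\x8b"),     # gzip
    (0, b"\x60\xea"),     # ARJ
    (0, b"SZDD"),         # Microsoft Compress
    (257, b"ustar"),      # POSIX tar
]

# Assumed policy: one decision per category, everything unlisted is blocked.
POLICY = {"archive": "allow", "win32-executable": "block"}

def is_pe(data: bytes) -> bool:
    """True if data has an MZ header whose e_lfanew field points at 'PE\\0\\0'."""
    if data[:2] != b"MZ" or len(data) < 0x40:
        return False
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    return data[pe_off:pe_off + 4] == b"PE\x00\x00"

def is_lzh(data: bytes) -> bool:
    """LZH headers carry a method id such as '-lh5-' at offset 2."""
    return data[2:5] == b"-lh" and data[6:7] == b"-"

def classify(data: bytes) -> str:
    if is_pe(data):
        return "win32-executable"
    if is_lzh(data) or any(data[o:o + len(m)] == m for o, m in ARCHIVE_MAGIC):
        return "archive"
    return "unknown"

def decide(filename: str, data: bytes):
    """The file name is kept for logging only; the decision uses content."""
    category = classify(data)
    return category, POLICY.get(category, "block")

# Constructed sample inputs (minimal headers, not real files).
PE_SAMPLE = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40) + b"PE\x00\x00"
LZH_SAMPLE = b"\x1a\x00-lh5-" + b"\x00" * 16
TAR_SAMPLE = b"\x00" * 257 + b"ustar\x00"

if __name__ == "__main__":
    for name, blob in [("holiday.jpg", PE_SAMPLE), ("data.lzh", LZH_SAMPLE),
                       ("backup.tar", TAR_SAMPLE), ("notes.bin", b"hello")]:
        print(name, *decide(name, blob))
```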
 
Thanks Smah. I sent a memo round today listing files we're proposing to block, including loads of multimedia file types.

"Does that mean I won't be able to get my funny videos any more?!"

"Give me a good business reason to allow them"

"They brighten the day and put a smile on people's faces"


Well, it's one angle I suppose.
 