Re: Email Attachment Blocking

[Bob Bayn <bob.bayn () USU EDU>]

We use Ironport spam firewalls and have enabled their "strip-executables" function which blocks all  exe,java,msi and 
pif file extensions. The attachment is replaced with an advisory message and the original email is delivered.  We 
provide a "big file transfer" dropsite for files that are big (obviously) or of an unacceptable file type.  BFT sends a 
brief message to intended recipients with a link to upload the waiting file.  Of course, the sender can always zip or 
encode the file, or just munge the filetype and give instructions to the recipient to undo the munge.

Bob Bayn     (435)797-2396     Security Team coordinator
"IT will NEVER ask for your password via email, honest!"
Office of Information Technology at Utah State University
________________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Steve 
Brukbacher [sab2 () UWM EDU]
Sent: Tuesday, January 27, 2009 2:30 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Email Attachment Blocking

Hi,
I'm taking an informal survey to see if others are currently blocking
any email attachments at the mail server (or component of your mail
server infrastructure).  If so, which ones?

If yes, does the email simply get dropped or does the sender and/or
recipient receive some sort of notification?

Any comments on how you worked with your user community on this would be
helpful as well.

--
Steve Brukbacher, CISSP
University of Wisconsin Milwaukee
Information Security Architect