Educause Security Discussion mailing list archives
Re: Email Attachment Blocking
From: Jesse Thompson <jesse.thompson () DOIT WISC EDU>
Date: Wed, 28 Jan 2009 13:25:50 -0600
We scan for dangerous attachment types, and rename the file to ORIGINAL.EXTENSION_renamed. If the zip has an executable file inside of it, we rename the zip file. This prevents the file from being easily executed or opened. We also add a message to the body of the message indicating that we renamed it, and that they should verify the legitimacy of the file before they rename and execute it. More information about this here: http://kb.wisc.edu/wiscmail/page.php?id=6056 We've had great success with this implementation. It effectively blocks all undetected attachment-borne viruses. We received virtually no pushback from campus on this policy. Normally, with a decentralized campus IT environment such as ours, people complain about everything we implement. Jesse UW Madison Steve Brukbacher wrote:
Hi, I'm taking an informal survey to see if others are currently blocking any email attachments at the mail server (or component of your mail server infrastructure). If so, which ones? If yes, does the email simply get dropped or does the sender and/or recipient receive some sort of notification? Any comments on how you worked with your user community on this would be helpful as well.
-- Jesse Thompson Division of Information Technology, University of Wisconsin-Madison Email/IM: jesse.thompson () doit wisc edu
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Email Attachment Blocking Steve Brukbacher (Jan 27)
- <Possible follow-ups>
- Re: Email Attachment Blocking Ken Connelly (Jan 27)
- Re: Email Attachment Blocking Sweeny, Jonny (Jan 27)
- Re: Email Attachment Blocking Adam Nave (Jan 27)
- Re: Email Attachment Blocking Kieper, David (Jan 27)
- Re: Email Attachment Blocking Bob Bayn (Jan 27)
- Re: Email Attachment Blocking Miller, Don C. (Jan 27)
- Re: Email Attachment Blocking Joel Rosenblatt (Jan 27)
- Re: Email Attachment Blocking Vuong Phung (Jan 28)
- Re: Email Attachment Blocking Jason C. Belford (Jan 28)
- Re: Email Attachment Blocking Jesse Thompson (Jan 28)
- Re: Email Attachment Blocking Valdis Kletnieks (Jan 28)
- Re: Email Attachment Blocking Miller, Don C. (Jan 28)
- Re: Email Attachment Blocking Jesse Thompson (Jan 29)