Reviving an old idea about renaming forbidden extensions

Matthew Bowman mbowman at UDCOM.COM
Thu Jan 9 20:45:43 GMT 2003 

>Is whitelisting by domain really a good idea? If you want to whitelist a
>domain it means you'll regularly receive mail from them.

Its my preference purely for ease of administration and its less hassle.
Our own domains are whitelisted (From:)
and a couple of external ones e.g. travelocity.com, weather.com. There is a
potential risk but I am keeping on
top of all inbound and outbound e-mail to stop potentional chaos.

>You would need to trust all of the users in the foreign domain to not
>send/open any viruses to your site! And chances are that viruses come in
>from people you communicate with, not from strangers.

All outbound e-mail is scanned with Symantec AV 8.0 for Lotus Notes since
we are all on a Domino Server. Outbound
attachments from our local domains with .exe extensions are rare, however
from time to time some of our departments
need to send out files with .exe extensions.

Rather than changing the rule to Allow .exe, restarting MailScanner, having
them send out the e-mail, change the rule,
restart mailscanner every time I would be interested in having other
'options' within MailScanner to allow .exe's to
go to certain email addresses with minimal intervention.


Matthew



                    Remco Barendse
                    <mailscanner at BAREN       To:     MAILSCANNER at JISCMAIL.AC.UK
                    DSE.TO>                  cc:
                    Sent by:                 Subject:     Re: Reviving an old idea about renaming forbidden extensions
                    MailScanner
                    mailing list
                    <MAILSCANNER at JISCM
                    AIL.AC.UK>


                    01/09/2003 03:27
                    PM
                    Please respond to
                    MailScanner
                    mailing list





Is whitelisting by domain really a good idea? If you want to whitelist a
domain it means you'll regularly receive mail from them.

You would need to trust all of the users in the foreign domain to not
send/open any viruses to your site! And chances are that viruses come in
from people you communicate with, not from strangers.

On Thu, 9 Jan 2003, Matthew Bowman wrote:

> On the same topic
>
> What about accepted filenames regardless of extensions.
>
> For example if we wanted to receive send and email that has the same
> filename attachment like projects.exe (archived zip) that contains
> documents, demos, presentations etc? Would it be possible to cater for
> that. Or simply if the domain is 'whitelisted', ignore filename.rules
> altogether?
>
> Matthew
>


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list