Blocked Extensions in password-protected zip archives

Randal, Phil prandal at herefordshire.gov.uk
Tue Aug 14 13:43:25 IST 2007 

This is not intended as a flame, so please don't take it as one.

Once again, "business requirements" take precedence over security.

That's not your choice, I know.

email is NOT a secure and reliable transfer mechanism for sensitive content.

Nobody should be sending password-protected zip files to anybody by email.  Ever.

The best way is to have an https portal site or similar that these files can be uploaded to.

How do other MailScanner users handle this issue?

Phil
--
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK  

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info 
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf 
> Of Sattler, Tim
> Sent: 14 August 2007 12:59
> To: MailScanner discussion
> Subject: RE: Blocked Extensions in password-protected zip archives
> 
> I have set "Allow Password-Protected Archives = yes", but encrypted 
> archives are nevertheless blocked if they contain files with blocked 
> extensions. 
> 
> Now I could set "Maximum Archive Depth = 0" to solve this issue, but 
> then files with blocked extensions would also pass in non-protected 
> archives, which is not what I want. 
> 
> Therefore, I would either need an option to disregard blocked 
> extensions within password-protected archives or the possibility to 
> use a ruleset for "Maximum Archive Depth" with a different result for
> protected and non-protected archives.
> 
> PS: I know it's an additional risk to let password-protected archives 
> pass through, but it's a business need.
> 
> Regards
> Tim
> 
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info 
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf 
> Of Kai Schaetzl
> Sent: Tuesday, August 14, 2007 12:32 PM
> To: mailscanner at lists.mailscanner.info
> Subject: Re: Blocked Extensions in password-protected zip archives
> 
> Tim Sattler wrote on Tue, 14 Aug 2007 09:49:24 +0200:
> 
> > Is it possible? Or is there another way how I can achieve a 
> different 
> > handling of blocked extensions for password-protected on 
> one hand and 
> > normal zip archives on the other?
> 
> Are you sure this is a matter of "blocked extensions"? I 
> rather think this 
> is a matter of "password-protected archive". MailScanner treats 
> password-protected archives as viruses. It would need to stop 
> that. This 
> topic has come up regularly in the past, but Julian is 
> reluctant to do 
> this. The effect of handling it as a virus is that it doesn't 
> get saved to 
> the quarantine (if you keep it "clean") and thus can't be released.
> 
> If you want to have all password-protected archives just pass thru 
> directly in the inboxes then set
> Allow Password-Protected Archives = yes
> but this will also allow password-protected archives with 
> malware right in 
> the inbox.
> 
> Kai
> 
> -- 
> Kai Schätzl, Berlin, Germany
> Get your web at Conactive Internet Services: http://www.conactive.com
> 
> 
> 
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> 
> Before posting, read http://wiki.mailscanner.info/posting
> 
> Support MailScanner development - buy the book off the website! 
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> 
> Before posting, read http://wiki.mailscanner.info/posting
> 
> Support MailScanner development - buy the book off the website! 
>

More information about the MailScanner mailing list