Messaging Gateway

 View Only

  • 1.  Blocking Attachments

    Posted Nov 07, 2007 11:22 AM
    SMS for SMTP 5.0.1 running on Windows Server 2003 R2 SP2
     
    I tested file attachment blocking yesterday and found that SMSSMTP does not block EXE file attachments (and probably all other dangerous executables). SMSSMTP virus policy and other policies are left at default setting.
     
    How do I manually block attachments by file extensions (or by file types)?


  • 2.  RE: Blocking Attachments

    Posted Nov 07, 2007 03:15 PM
    I added a new Content Compliance policy with the following settings:
     
    • Apply to Inbound and Outbound Messages
    • Apply to the Default group
    • Conditions: If a message contains attachments in list "Executable Files"
    • Action: Hold message in Spam Quarantine

    and here's what I found out:

    If the sender's email address is in the Allowed Senders - Domain Based, the above policy gets bypassed. When I remove sender's email address from Allowed Senders list, the above content compliance policy works as expected.
     
    This means that if I whitelist (Allowed Senders - Domain Based) our business related domains, they can send us executable attachments. Also, spammers who spoof their email address to match our whitelist can send us executables as well. This is bad.
     
    Is this how SMSSMTP works? Am I doing something wrong? My goal is to whitelist business contact domains (or email addresses) AND block all executable attachments at the same time.
     


    Message Edited by Ronnie J on 11-07-2007 12:21 PM


  • 3.  RE: Blocking Attachments

    Posted Nov 07, 2007 03:52 PM
    SMS for SMTP administration guide says:
     
    ...if a message's sender matches an entry in your Blocked Senders Lists or Allowed Senders Lists, compliance policies will have no effect on the message.
     
    and
     
    ...Allowed Senders Lists and Blocked Senders Lists have higher precedence than compliance policies
     
    With those in mind, how can we whitelist email addresses/domains and control what attachments are/aren't allowed to enter/leave our company mail server?
     
    Anyone?