[fjdc]

Hello you all,

I’m the IT man in a commercial company
For security reasons I have implemented a rule that prevents receiving .zip attachments by mail, but I have lots of complains from customers.

This restriction was based on “preventing known viruses and other malwarethe potential virus masked inside zip files”

Please comment this action,
Is this rule necessary? Or was it a mistake.
Is there other IT’s that use the same rule?

Thanks in advance

[Advertisements]

I do this as well, but I have a whitelist where I can enter an address or domain to the list and attachments will be allowed from that domain.

Why just zip files? Did you get .scr, .exe, .js, and the many others?

[ScHwErV]

I do this as well, but I have a whitelist where I can enter an address or domain to the list and attachments will be allowed from that domain.

Why just zip files? Did you get .scr, .exe, .js, and the many others?

[dsenette]

this is common practice....the BEST method to keep baddies out...but keep your customers happy...is that when someone complains...tell them to change the file extension to .piz instead of ZIP...this way you know that the .PIZ file is comming from someone you know (like a customer or supplier)...the viruses or spammers or whomever that send out the zips (as of yet) haven't gotten up to the level of doing this themselves...so they will still get blocked

[fjdc]

Why just zip files? Did you get .scr, .exe, .js, and the many others?

Thanks ScHwErV & also dsenette for the interest.

To the record, my mail server doesn’t block only zip files but also more almost 50 others different extensions most of them where taken from the list that comes in Z0ne a1arm FWProg ( and some more that I just added for the bandwidth abusers , things like mp3, wmv, avi … )

More opinions, negative ones are also appreciate, don’t be shy