Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Block non-password protected .zip attachments.

Posted on 2010-08-24
6
Medium Priority
?
1,039 Views
Last Modified: 2012-05-10
Is there a free or really cheap solution to be able to block outbound email with attached .zips that are not password protected?

I understand that I can do a search on Google and get lots of hits but I would like to hear from people that are actually using the application they are recommending.

We are currently using MS Exchange 2003 and MessageLabs (external SMTP). Email clients are using Outlook 2003 and the approximate total user base is 170.
0
Comment
Question by:SSAKUSEISHA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 9

Expert Comment

by:Barry Gill
ID: 33518904
just a question... more people are likely to refuse password protected zip files than those that aren't as this is a common attack vector used by virus writers.
Are you looking to secure your users data, attachments etc? Have you considered using a more appropriate encryption technology?
0
 

Author Comment

by:SSAKUSEISHA
ID: 33519190
barrulus, thank you for your comment.

Actually, this is supposedly a compliance requirement (I'm not in the US) so even if that is the case, management wants it implemented.
0
 
LVL 3

Accepted Solution

by:
jabri007 earned 500 total points
ID: 33519199
I guess IMSS 7.2 for Windows would actually be Best as per your requirement
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 9

Assisted Solution

by:Barry Gill
Barry Gill earned 500 total points
ID: 33519537
compliance requirement?
There is NO legislation that mandates zipping files, though there is plenty that mandates securing and encrypting specific types of data (particularly private data and financial data). The forms of encryption accepted do not include password protecting zip files.

Messagelabs have an encryption product and a TLS product that will meet your legislative requirements alot better (I work for a competitor of theirs, but I know what they have).

Best thing to do is guide your management correctly, blindly implementing a technology because someone "said so" will ultimately cost you pain and suffering when you have to reverse engineer it all at a later stage.

Find out what legislation they are trying to comply with, I can direct you in terms of what the actual best fit application/service will be to meet that requirement.
0
 

Author Comment

by:SSAKUSEISHA
ID: 33555167
Thank you for your comments and advice. I was hoping that more people would comment so my apologies for not updating sooner.

I have requested to see the actual compliance rule but have yet to receive it. I am in Japan and JSOX (born from U.S. SOX) is the name of the regulation. It just started about two years ago and many of the technical guidelines are still unclear.

We have already looked at TLS with MessageLabs but the fees that Message Labs Japan wants to charge was not inline with what the business is willing to pay. We also looked at changing over to Postini for a better TLS rate but management did not want to change the current email infrastructure.
0
 

Author Closing Comment

by:SSAKUSEISHA
ID: 33750058
Thank you for your assistance. I still have not been able to get clear requirements but for now, it appears that simply creating a management control of requiring attachments to be zipped and encrypted with 7-Zip will be sufficient.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question