Solved

Block non-password protected .zip attachments.

Posted on 2010-08-24
6
1,014 Views
Last Modified: 2012-05-10
Is there a free or really cheap solution to be able to block outbound email with attached .zips that are not password protected?

I understand that I can do a search on Google and get lots of hits but I would like to hear from people that are actually using the application they are recommending.

We are currently using MS Exchange 2003 and MessageLabs (external SMTP). Email clients are using Outlook 2003 and the approximate total user base is 170.
0
Comment
Question by:SSAKUSEISHA
  • 3
  • 2
6 Comments
 
LVL 9

Expert Comment

by:Barry Gill
ID: 33518904
just a question... more people are likely to refuse password protected zip files than those that aren't as this is a common attack vector used by virus writers.
Are you looking to secure your users data, attachments etc? Have you considered using a more appropriate encryption technology?
0
 

Author Comment

by:SSAKUSEISHA
ID: 33519190
barrulus, thank you for your comment.

Actually, this is supposedly a compliance requirement (I'm not in the US) so even if that is the case, management wants it implemented.
0
 
LVL 3

Accepted Solution

by:
jabri007 earned 125 total points
ID: 33519199
I guess IMSS 7.2 for Windows would actually be Best as per your requirement
0
Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

 
LVL 9

Assisted Solution

by:Barry Gill
Barry Gill earned 125 total points
ID: 33519537
compliance requirement?
There is NO legislation that mandates zipping files, though there is plenty that mandates securing and encrypting specific types of data (particularly private data and financial data). The forms of encryption accepted do not include password protecting zip files.

Messagelabs have an encryption product and a TLS product that will meet your legislative requirements alot better (I work for a competitor of theirs, but I know what they have).

Best thing to do is guide your management correctly, blindly implementing a technology because someone "said so" will ultimately cost you pain and suffering when you have to reverse engineer it all at a later stage.

Find out what legislation they are trying to comply with, I can direct you in terms of what the actual best fit application/service will be to meet that requirement.
0
 

Author Comment

by:SSAKUSEISHA
ID: 33555167
Thank you for your comments and advice. I was hoping that more people would comment so my apologies for not updating sooner.

I have requested to see the actual compliance rule but have yet to receive it. I am in Japan and JSOX (born from U.S. SOX) is the name of the regulation. It just started about two years ago and many of the technical guidelines are still unclear.

We have already looked at TLS with MessageLabs but the fees that Message Labs Japan wants to charge was not inline with what the business is willing to pay. We also looked at changing over to Postini for a better TLS rate but management did not want to change the current email infrastructure.
0
 

Author Closing Comment

by:SSAKUSEISHA
ID: 33750058
Thank you for your assistance. I still have not been able to get clear requirements but for now, it appears that simply creating a management control of requiring attachments to be zipped and encrypted with 7-Zip will be sufficient.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this step by step procedure, you will come to know the details of creating an Outlook meeting in 2007, 2010, 2013 & 2016.
When you have clients or friends from around the world, it becomes a challenge to arrange a meeting or effectively manage your time. This is where Outlook's capability to show 2 time zones in one calendar comes in handy.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question