• Status: Solved
Any help blocking phishing emails with .zip attachments

My business is being besought with phony emails trying to get the receiver to open a zip file attachment.

Some of these are darn clever and I have tried and tried to educate my people. Nevertheless, some eventually get through.

I am on a shared hosting plan that uses cPanel. The only mail filtering is SpamAssassin and Email Authentication.

I have spoken to my service provider to see if there was a way to flag zip file attachments, but he says no.

I would like to inform our vendors that we don't accept zip files, or that zip files must be directed to a specific address, and filter out all of the others.

Is there a method for this or are there other filtering methods that I don't know about? Surely this is a big enough problem worldwide that there are some solutions, or at least partial solutions.
Asked by: David Brugge

Dan Craciun, IT Consultant, Commented:
The fact that you're using a shared host limits your options.
Chances are that your host uses Exim and doesn't want to bother to set up rules for your domain.

What you can do is pay for something like SpamExperts ( http://www.spamexperts.com/en ) and ask your host to configure it for you. With it you can set up your blocked extensions using the UI.

PS: I used to get a LOT of spoofed mail using only SpamAssassin. Very little now with Spam Experts.

HTH,
Dan

McKnife Commented:
Hi.

> I would like to inform our vendors that we don't accept zip files, or that zip files must be directed to a specific address, and filter out all of the others.
If you think about this measure, why not tell your vendors to send only attachments zipped as 7zip (.7z) from now on? 7zip is free. You could block the attachment type .zip afterwards, either at your endpoints or at the mail server (if technically possible*). Spammers almost never use .7z because Windows would need 7zip installed, while .zip needs no additional program.

* at the endpoint: with Outlook for example, we can block certain file types.

David Brugge (Author) Commented:
Sounds like part of a solution. We don't use Outlook because of the problems they had years ago when we were setting up the system. As a result most of the stations use Eudora and a few use Thunderbird.

I haven't found a way to filter file types in Eudora, haven't checked Thunderbird, but only two stations use it and it's not likely I can convince anyone to change.

As far as filtering at the mail server, this seems logical to me, but it is above my pay grade.

Giovanni Heward Commented:
I highly recommend you look into FireEye, Invincea, EMET, and OpenDNS.

Redirecting your mail simply requires modifying your MX record to point to a provider which gives you more control (migration issues aside). Google Apps is one such provider (see Attachment Filters, etc.)

Not only that, you'll get access to multiple redundant mail servers and full-time anti-malware teams.  If your current provider won't allow this control, vote with your wallet.
Question has a verified solution.
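
The policy discussed in this thread (accept .zip only at one designated address, quarantine it everywhere else, let .7z through) can be sketched as a small mail check. This is an added example, not code from any poster or from cPanel, Exim or SpamAssassin; the addresses, function names and sample messages are constructed, and exempting Office OOXML files from the content check is an assumption.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import getaddresses

ZIP_DROPBOX = "files@example.com"            # hypothetical address allowed to receive .zip
ZIP_MAGIC = (b"PK\x03\x04", b"PK\x05\x06")   # ZIP local-file header / empty archive
OOXML = (".docx", ".xlsx", ".pptx")          # ZIP containers by design; not flagged here
SAMPLE_ZIP = b"PK\x05\x06" + bytes(18)       # constructed: a valid empty ZIP archive

def zip_parts(msg):
    """Names of MIME parts that are ZIP by extension or by leading bytes."""
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = (part.get_filename() or "").strip()
        data = part.get_payload(decode=True) or b""
        lower = name.lower()
        # A renamed archive (invoice.pdf) still starts with the ZIP magic bytes.
        if lower.endswith(".zip") or (data.startswith(ZIP_MAGIC) and not lower.endswith(OOXML)):
            hits.append(name or "(unnamed)")
    return hits

def verdict(raw, dropbox=ZIP_DROPBOX):
    """Return (action, flagged_names); ZIPs pass only when sent solely to the drop box."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = zip_parts(msg)
    if not hits:
        return "deliver", hits
    # Simplification: a real filter would use the SMTP envelope recipient, not headers.
    headers = msg.get_all("To", []) + msg.get_all("Cc", [])
    rcpts = {addr.lower() for _, addr in getaddresses(headers)}
    return ("deliver" if rcpts == {dropbox} else "quarantine"), hits

def sample(to, filename, data):
    """Build a constructed test message carrying one attachment."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "vendor@example.net", to, "Invoice"
    m.set_content("See attached.")
    m.add_attachment(data, maintype="application", subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for to, name in [("sales@example.com", "invoice.zip"), (ZIP_DROPBOX, "invoice.zip"),
                     ("sales@example.com", "invoice.pdf")]:
        print(to, name, verdict(sample(to, name, SAMPLE_ZIP)))
```

Checking the leading bytes as well as the file name matters because an extension-only rule is bypassed by renaming the archive.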