Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Any help blocking phishing emails with .zip attachments

Posted on 2013-11-17
4
Medium Priority
?
970 Views
Last Modified: 2013-12-11
My business is being besought with phony emails trying to get the receiver to open a zip file attachment.

Some of these are darn clever and I have tried and tried to educate my people. Nevertheless, some eventually get through.

I am on a shared hosting hosting plan that uses C-Panel. The only mail filtering is Spam Assassion and Email Authentication.

I have spoken to my service provider to see if there was a way to flag zip file attachments, but he says no.

I  would like to inform our vendors that we don't accept zip files, or that zip files must be directed to a specific address, and filter out all of the others.

It there a method for this or are there other filtering methods that I don't know about? Surely this is a big enough problem world wide that there are some solutions, or at least partial solutions.
0
Comment
Question by:David Brugge
4 Comments
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39655562
The fact that you're using a shared host limits your options.
Chances are that your host uses Exim and don't want to bother to set up rules for your domain.

What you can do is pay for something like SpamExperts ( http://www.spamexperts.com/en ) and ask your host to configure it for you. With it you can set up your blocked extensions using the UI.

PS: I used to get a LOT of spoofed mail using only SpamAssassin. Very little now with Spam Experts.

HTH,
Dan
0
 
LVL 57

Expert Comment

by:McKnife
ID: 39656051
Hi.

> I  would like to inform our vendors that we don't accept zip files, or that zip files must be directed to a specific address, and filter out all of the others.
If you think about this measure, why not tell your vendors to send only attachments zipped as 7zip (.7z) from now on? 7zip is free. You could block the attachment type .zip afterwards, either at your endpoints or at the mail server (if technicalkly possible*). Spammers almost never use .7z because windows would need 7zip installed, while .zip needs no additional program.

* at the endpoint: with outlook for example, we can block certain file types.
0
 
LVL 26

Author Comment

by:David Brugge
ID: 39657584
Sounds like part of a solution. We don't use Outlook because of the problems they had years ago when we were setting up the system. As a result most of the stations use Eudora and a few use Thunderbird.

I haven't found a way to filter file types in Eudora, haven't checked Thunderbird, but only two stations use it and it's not likely I can convince anyone to change.

As far as filtering at the mail server, this seems logical to me, but it is above my pay grade.
0
 
LVL 15

Accepted Solution

by:
Giovanni Heward earned 2000 total points
ID: 39657814
I highly recommend you look into FireEye, Invincea, EMET, and OpenDNS.

Redirecting your mail simply requires modifying your MX record to point to a provider which gives your more control (migration issues aside.)  Google Apps is one such provider (see Attachment Filters, etc.)

Not only that, you'll get access to multiple redundant mail servers and full-time anti-malware teams.  If your current provider won't allow this control, vote with your wallet.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question