asked on Send EXE via email
Hi All,
I want to test my email server to ensure it is blocking inbound .EXE files.
Does anyone know how i can send an .EXE to test it. GMAIL and YAHOO wont let me send a test.
GmailEmail ServersEmail Software
Last Comment
skullnobrains
Simple Solution: Mention your target email address + someone can send your a message with a .exe attachment.
Note: Blocking of executable files is a band-aid that protects only recipients who click on it. When it comes to sending executables by email, I guarantee that no matter what method the server uses to block incoming executables there is a way to get around it.
Block files with the EXE extension? Rename the file extension
Block files with the EXE internal header? Send it as a RAR.
Block RAR files? Rename it to .JPG
Examine all files for file header types? Send in two pieces, one with the payload randomly scrambled, and the second being the XOR of the executable and the scrambled file.
And there is always steganography.
So do not rely on blocking executables as anything other than a layer of paint on the house. In the end the best defense is smart and suspicious employees.
Block files with the EXE extension? Rename the file extension
Block files with the EXE internal header? Send it as a RAR.
Block RAR files? Rename it to .JPG
Examine all files for file header types? Send in two pieces, one with the payload randomly scrambled, and the second being the XOR of the executable and the scrambled file.
And there is always steganography.
So do not rely on blocking executables as anything other than a layer of paint on the house. In the end the best defense is smart and suspicious employees.
7z (7-zip files) are usually not scanned and/or allowed. Optionally password protect the content.
ASKER
thanks for the feedback.
We have application allow-listing, so not thinking of the security side. The issue is i regularly have to do cyber surveys, so need to test and prove it.
We have application allow-listing, so not thinking of the security side. The issue is i regularly have to do cyber surveys, so need to test and prove it.
send a word doc or other OLE with macros and possibly embedded jscripts. google allows that. you will most likely confirm you can push through executables quite easily without a complacent user bothering to recompose it. actually many ransomware are transferred in this way.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
https://jetmore.org/john/code/swaks/ provides an all purpose tool for exercising email servers...
And...
To use SWAKS or any other test tool, you'll have to arrange to...
1) Send from an IP in your SPF record.
2) Add the correct DKIM signature, routing your message through your DKIM signing server... which is... only for the brave...
There may be other ways to achieve this... No way to tell without much more detail about your sending DNS setup...
Suggestion: Remove all SPF/DKIM/DMARC records, if you must do your test send from an oddball server.
Also be sure your server is on a hosting/provisioning company IP, as residential IPs are usually permanently RBL'ed.