|: E-mail : MIMEDefang|
We chose a system called MIMEDefang to help filter malicious attachments. Its design is solid and efficiently scans all messages that pass through our servers. MIMEDefang also has many more features that will allow us to help fight email-borne worms and viruses.
Nearly all of these worms and viruses take advantage of holes in the security of Microsoft's Outlook and Outlook Express and Microsoft Windows itself. To help stop the spread of these email-borne worms, the easiest thing to do is to remove attachments that are windows executables, or somehow render them harmless. This is the main purpose of MIMEDefang. As it stands, we block these attachments.
bat, cmd, com, cpl, dll, exe, lnk, ocx, pif, prg, reg, scr, sys, url, vb, vbe, vbs, hta
We feel that most legitimate senders of such attachments would normally use some type of compression utility (such as Winzip which is included on our CD) before sending these types of files, which would in turn change the file extension to one that would not be blocked. Any text/plain or text/html parts will be intact with the beginning of the message having the following statement.
=== WARNING: This e-mail has been altered by MIMEDefang. Following this paragraph are indications of the actual changes made. For more information about your site's MIMEDefang policy, contact NETDOOR Spam Filter Administrator firstname.lastname@example.org. For more information about MIMEDefang, see: http://support.netdoor.com/email/filtering.html An attachment named (name of file) was removed from this document as it constituted a security hazard. If you require this document, please contact the sender and arrange an alternate means of receiving it. ===