[Dshield] Email blocking security question

Ian Cottrell ian.cottrell at rogers.com
Thu Mar 6 03:46:50 GMT 2003

> I have a security question that has come up as a sort of internal
> debate.   Archive files (.zip) specifically.  Do you allow them thru the
> firewall in email attachments?  Some of my peers feel they should be
> blocked as they can be autoexecuted.  I'm not sure, I didn't think they
> could be but we need to be safe these days.  Currently we block .pif,
> .scr, .exe, .bat, .vb*, .com    anyone think of any others.
> Thanks
> Richard Roy
> Network Administrator
> JusticeTrax Inc
> 602-938-0059 x102
> royr at justicetrax.com

At work, we block 37 different extensions (as recommended by M$).
 Zips are allowed, but are scanned for any of the proscribed extensions
inside.  I don't have the complete list here at home, but can provide it if 
anyone wants it.

Ian  Cottrell
Manager, Engineering
Dept of Justice Canada

Ian Cottrell                     e-mail: ian.cottrell at justice.gc.ca 
A/Manager, Engineering Services 
Department of Justice            office: (613) 941-5233
Ottawa, ON, Canada

More information about the list mailing list