[Dshield] Exchange server as fileserver :)

Pete Cap peteoutside at yahoo.com
Fri Feb 20 13:41:01 GMT 2004

Greets all,
Just had a thought regarding the propensity of our users to treat e-mail as a file exchange medium.
They do it because it's so easy and simple and because, to them, it's a completely transparent exchange (even if, as noted recently on this list, it actually typically takes more time than FTPing for the file).
So, quick solution here.
Dunno how difficult it would be to implement.
First off, automatically strip all files from e-mails EXCEPT some type of specially designed link file.
Set it up so that when users want to e-mail a file, a separate process copies the file in question to the internal corporate (or whatever) fileserver.  The attachment is replaced by a link to the file on the fileserver.
When the recipient recieves the e-mail, he clicks on the attachment as always and it downloads from the fileserver to his desktop.
So the process is slightly less transparent but you get the benefit of quarantining all file transfers on the fileserver for examination before they actually go anywhere.

An added bonus is that you could set up other entities to be able to access your fileserver...so the "mailed" files would only occur between entities with trust relationships.  There would be no possibility for "out of the blue" file transfers, although you could set it up so that anyone could upload with some kind of web interface...
I can think of a few problems off the bat, but I want to see what your criticism is first...lay it on me :)


Do you Yahoo!?
Yahoo! Mail SpamGuard - Read only the mail you want.

More information about the list mailing list