[Dshield] Exchange server as fileserver :)
mbruyere at ezemcanada.com
Fri Feb 20 14:31:16 GMT 2004
On my side this would be practically not feasible (or very hard to
implement on a security/privacy standpoint), we are actually looking into a
sharepoint server to manage internal file exchange... as of now it seems to
be a good solution but we are only in the start of tests. Don't know how
this will be handled under heavy load tho.
As for the user side, we plan to do a massive training (if the tests are
successful) to show then how to use the "new" web based system. If someone
has thoughts about another way to achieve that, just drop a line, I'm always
open to new ideas.
CompTIA A+, Network+
> -----Original Message-----
> From: Pete Cap [mailto:peteoutside at yahoo.com]
> Sent: vendredi 20 février 2004 08:41
> To: General DShield Discussion List
> Subject: [Dshield] Exchange server as fileserver :)
> Greets all,
> Just had a thought regarding the propensity of our users to treat e-mail
> a file exchange medium.
> They do it because it's so easy and simple and because, to them, it's a
> completely transparent exchange (even if, as noted recently on this list,
> it actually typically takes more time than FTPing for the file).
> So, quick solution here.
> Dunno how difficult it would be to implement.
> First off, automatically strip all files from e-mails EXCEPT some type of
> specially designed link file.
> Set it up so that when users want to e-mail a file, a separate process
> copies the file in question to the internal corporate (or whatever)
> fileserver. The attachment is replaced by a link to the file on the
> When the recipient recieves the e-mail, he clicks on the attachment as
> always and it downloads from the fileserver to his desktop.
> So the process is slightly less transparent but you get the benefit of
> quarantining all file transfers on the fileserver for examination before
> they actually go anywhere.
> An added bonus is that you could set up other entities to be able to
> your fileserver...so the "mailed" files would only occur between entities
> with trust relationships. There would be no possibility for "out of the
> blue" file transfers, although you could set it up so that anyone could
> upload with some kind of web interface...
> I can think of a few problems off the bat, but I want to see what your
> criticism is first...lay it on me :)
> Do you Yahoo!?
> Yahoo! Mail SpamGuard - Read only the mail you want.
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see:
More information about the list