This may not be a Postfix problem, but bearing in mind the recent events
this forum may have some good ideas.
After the recent rasomeware attacks we are considering the idea of
blocking all attachments. I am not sure of the best way of doing this,
but several ideas have been put forward:
1. block all email with attachments - a little too drastic for some as
there are legit reasons for attachments.
block all email that is in any format that can hide executable code.
2. rename attachments so that they will not/cannot be executed/run by
just opening them.
3. only allow email with attachments from a preauthorized list of
senders. I am not sure that this would be effective as sender
addresses are (i believe) easily spoofed.
4. email with attachments are diverted to a recipient for examination.
If cleared they could then be forwarded to the original addressee.
At lot of work for someone.
5. a variation on 2. sender has to asks the recipient for permission to
send attachment. Recipient then adds sender to list, recipient will
be automagically removed from list after a period of time.
I am not keen on any of these. But as I have to come up with a
recommendation I think I would go with 1. If you want to send us
something then put it in "drop box" and tell us about it. My second
choice would be 5 + 2.
Another idea is to attachments are diverted and held for a period. After
which they would be automatically be sent on as "normal". If there is
something going on then the automatic forwarding would be suspended.
Are any of these do-able and if so where can I find suggestions on how
to implement.
JohnA
