[Top] [Prev] [Next] [Bottom]




Blocking attachments


Under certain circumstances, you may wish to prevent certain users from sending and/or receiving messages with any kind of mail attachments.

Furthermore, in highly sensitive environments, it may be desirable to prohibit the use of mail attachments altogether.

MAILsweeper can be configured to detect and block all messages with attachments. This is achieved by editing the [Validation] configuration section to ensure that the DetectAttachments directive is no longer commented out.

For MAILsweeper the [Validation]section is found in the validator configuration file, VALIDATE.CFG.

That is, change:

[Validation]
;DetectAttachments=VALATTR

to

[Validation]
DetectAttachments=VALATTR
The MAILsweeper service will have to be restarted for these changes to come into effect.

If DetectAttachments is activated for MAILsweeper, any message with an attachment is discarded. The sender of the message is informed accordingly.

You may wish to block or allow attachments for certain users or groups of users only.

This can be achieved by creating a new AMUcheck rule to name the users and then setting an attribute during AMUcheck validation. This attribute can subsequently be checked in the [DetectAttachments] section, using a PerformIf directive (to block attachments for certain users only) or a SkipIf directive (to allow attachments for certain users only).

For example:

In AUTHFILE.TXT:

RESPONSE allow 
RESPONSE isjunkmail PRIORITY 1
RESPONSE copyadministrator PRIORITY 1
RESPONSE deny PRIORITY 2
RESPONSE No_Attachments PRIORITY 2

FROM *@* To *@* allow     ;allow everything

FROM	user1@company.com ;List of users not allowed
	user2@company.com ;to send attachments.
	user3@company.com
 To *@* No_Attachments

FINISH

A new AMUcheck rule is defined.

In this example, the rule names the users not allowed to send attachments.1 When the addresses of a message match with this rule the <Response> generated by AMUcheck is No_Attachments.

A new RESPONSE statement is also listed in the first section of the file, to define the No_Attachments <Response>.

In VALIDATE.CFG:

[AMU]
AuthFile=C:\MSW\CONFIG\AUTHFILE.TXT
If=No_Attachments, NoAttachments=TRUE, allow

If the <Response> generated by AMUcheck is No_Attachments then an attribute called NoAttachments is created, with the value TRUE. This is the attribute that is checked in the [DetectAttachments]section.

The <Response> is then reset to allow. This is the actual <Response> generated by AMUcheck. It allows the message to be delivered normally, assuming no higher priority <Response> is generated by one of the configured plug-in validator instances.

[DetectAttachments]
PerformIf=NoAttachments==TRUE
HaveAttachments=NumAttachments>0

The value of the NoAttachments attribute is checked in the [DetectAttachments] configuration section, using the PerformIf directive.

If the value is TRUE then checking by the [DetectAttachments] section is performed.

For a similar configuration, using SkipIf to allow attachments for certain users only, see the blocking executables example on page 5-26.

See the AMUcheck section on page 7-97 for more details. Also, for more details on the If, PerformIf and SkipIf directives, see the Common validator directives section on page 7-102.
 



[Top] [Prev] [Next] [Bottom]



1 Checking for attachments needs only to be performed for these users. This is achieved by including a PerformIf directive in the [DetectAttachments] section.

msw.support@mimesweeper.com

Copyright © 1998, Content Technologies Limited. All rights reserved.