Yesterday I had a pleasure of hanging out with half a dozen of our customers and at some point I got the Vista treatment:
We really love your product, but the file rules blow.
This is Vlad’s version of UAC. ExchangeDefender filters based on content type (tnef expanded Outlook attachments widely used in the exploit land), content name (things ending up in .bmp) and a few hundred other manual checks. Here is the problem. Microsoft’s .bmp, .pif, .scr and so on are widely used to propagate trojans, worms, etc. Users are stupid. So although Bob the sysadmin wants to get a zip file that has codebase or executable content inside of it, we cannot allow that to go through because then the user gets the message such as:
Dear Quickbooks User,
Attached is an archive with the software upgrade for Quickbooks. Double click on the zip file and launch the setup.exe program.
Sincerely,
Intuit Security
And, well… poof. They are 0wn3d. So one of the really useful features ExchangeDefender allows for is managed security – we sit on top of major infosec lists and watch for exploited extensions / filetypes. We look at our internal reporting and constantly program in attack patterns, etc. But every now and then we get this:
My user didn’t get my email because I inserted my .bmp signature. I don’t care its dangerous, works everywhere else, I demand you drop down the entire site security.
I need to get these files. I don’t care about security.
I am sick and tired of you blocking all the useful stuff. Open it up.
But after sitting around yesterday and listening to the feedback, I understand that ExchangeDefender may at times be more of a nuisance than a beneficial security layer. If it causes you more overhead and you’re willing to compromise your security (and set your own tradeoff level) I am willing to make that compromise.
And since I don’t work for the blue badge of inefficiency, I would like to let you know that we have worked overnight and that this feature is available in ExchangeDefender right now. How’s that for a major feature deployment in under 20 hours?  And no, this is not something we have been working on for years, this is something I started cranking on at 4AM and it’s functional against my domains now.
-
Provide your own extension blocklist
-
Provide your own filetype blocklist
-
Provide your own malware preferences (block, reject, bounce, forward, redirect, disarm, convert-to-text)
No pretty GUI right now, but if you’re banging your head and the users are screaming because they cannot get mail from point A to point B I can get this going for you today. The infrastructure is very granular, it can be implemented against a domain, email address and supports full RegExp (though if you don’t know how to write regexp this will absolutely break your mail delivery) and is implemented as an eval against an evenlope recipient (rcpt to) first and then inline second (“To: “). Want it today, drop me an email. GUI will follow by the end of Q3, we’re redesigning the way GUI works to begin with.
Both comments and pings are currently closed.
6 Comments
|
|
|
Whats on Vlad's Mind?
|
|
|
|
|
Sponsors:
This blog is made possible by
Own Web Now Corp and ExchangeDefender.
If you like this blog and are in the need of products we offer I hope you give us some
consideration.
|
|
|
|
|
|
Get The Newsletter
|
Looking for a more focused, exclusive insight into the world of SMB tech & business? Sign up for my newsletter:
Click here to sign up
|
|
|
|
|
Vladfire Vlog
|
Vladfire is my video blog showcasing successful people and technology in small to medium business.
Below are a few recent episodes, check out the archive for all other films.
|
See more episodes...
|
|
|
SBS Show Podcast
|
SBS Show is a free weekly podcast (Internet for recorded radio show) focusing on small business and technology. More at sbsshow.com but check out our latest episode:
SBS Show #26
Erick Simpson
Managed Services Part 2
Listen to older shows..
|
|
|
|
| |
|
|
Categories
|
|
Archives
|
|
About
|
| Apple, Awesome, Beta, Blogroll, Boss, Cloud, Deals, E12, Events, Exchange, ExchangeDefender, Friends, Gadgets, Gators, Gaypile, Google, GTD, iPhone, IT Business, IT Culture, Legal, Linux, Microsoft, Misc, Mobility, Open Source, OS, OwnWebNow, Pimpin, Podcast, Programming, Rant, SBS Show, Security, Shockey Monkey, SMB, System Admin, Thieving Weasel, Uncategorized, Vista, Vladcast, Vladfire, Vladville, Web 2.0, Windows Home Server, WordPress, Work Ethic, Wrong |
 |
February 2012,
January 2012,
December 2011,
November 2011,
October 2011,
September 2011,
August 2011,
July 2011,
June 2011,
May 2011,
April 2011,
March 2011,
February 2011,
January 2011,
December 2010,
November 2010,
October 2010,
September 2010,
August 2010,
July 2010,
June 2010,
May 2010,
April 2010,
March 2010,
February 2010,
January 2010,
December 2009,
November 2009,
October 2009,
September 2009,
August 2009,
July 2009,
June 2009,
May 2009,
April 2009,
March 2009,
February 2009,
January 2009,
December 2008,
November 2008,
October 2008,
September 2008,
August 2008,
July 2008,
June 2008,
May 2008,
April 2008,
March 2008,
February 2008,
January 2008,
December 2007,
November 2007,
October 2007,
September 2007,
August 2007,
July 2007,
June 2007,
May 2007,
April 2007,
March 2007,
February 2007,
January 2007,
December 2006,
November 2006,
October 2006,
September 2006,
August 2006,
July 2006,
June 2006,
May 2006,
April 2006,
March 2006,
February 2006,
January 2006,
December 2005,
November 2005,
October 2005,
September 2005,
August 2005,
July 2005,
|
|
Vlad says:
Thanks for checking out my blog. You've officially reached the end of the Internet so take in what you've read and don't look at it as gospel but an invitation to start thinking for yourself.
|
|
|
|
| |
Copyright © 2005-2010 Vlad Media, Inc. All Rights Reserved.
Content is provided AS-IS without warranty of any kind.
Syndicate this blog: 
|
|