Web mail access from work WAS: RE: [Mimedefang] Looking for an e xample of obfuscated HTML

Cormack, Ken kcormack at acs.roadway.com
Wed Aug 6 10:15:01 EDT 2003


-----Original Message-----
From: Keith Dowell [mailto:keith at rogersmfg.com]
Sent: Wednesday, August 06, 2003 9:42 AM
To: mimedefang at lists.roaringpenguin.com
Subject: Re: [Mimedefang] Looking for an example of obfuscated HTML

<snip>

>  you'll get a few complaints at first if they arent used to this - just
take
>  a few minutes and set them up with a free web mail account and they'll be
>  happy (usually they already have one - in which case i commonly get 'I
>  didn't know i could access it from work')

The problem with allowing access to external mail resources (HTML-based, or
otherwise) such as Yahoo and Hotmail accounts, is that they are great
avenues for completely bypassing your email server's defenses against
virus-infected attachments.  Yes, it may be company policy that client PCs
have anti-virus software and so on, but server-based defenses at the
front-door, are still desired.

In my shop, the only accounts that can access external mail sites (we block
them at the web proxy) are those of us involved in troubleshooting email
delivery problems, so that we can quickly send test messages between our
work addresses and external domains, when troubleshooting delivery problems.
That's just 5 admins out of 15,000 users.

Just a thought.

Ken



More information about the MIMEDefang mailing list