[ZendTo] Re: Antwort: Re: Antwort: Re: Security Issue - Data Leakage Prevention

Jules Jules at Zend.To
Thu Mar 1 12:12:51 GMT 2012


There is a setting in preferences.php called "emailDomainRegexp". This 
must match any recipient address entered by a user who has not logged in.

There are currently no IP-based filters to implement checks like "if the 
user comes from this IP network, then they cannot send files to this 
email domain".

But if you want to implement it yourself, you have the source code and 
the rights to be able to change it for your own purposes.

I've never had any other request for something like this, so have no 
plans to implement it myself.

Jules.

On 01/03/2012 11:27, patrick.gaikowski at kaufland.com wrote:
>
> Hi Jules,
>
> USB is prohibited in our company and Personal Network Storages like 
> dropbox etc. are blocked because of Contentfilter.
>
> Users from company who have the right in LDAP should upload files to 
> anywhere they want. There is a workflow behind requesting this right.
>
> But my focus is if a user has not the right for logging in. In this 
> case he makes a dropoff to his own address in company, because 
> Freemail addresses are also blocked because of Content Filter.
>
> Is there a possibility to check the email in the verify.php if the 
> user is unregistered?
>
> Mit freundlichen Grüßen / Best regards
>
> Patrick Gaikowski
> Tel:     +49 7132 94 3568
> Fax:    +49 7132 94 73568
> E-Mail: patrick.gaikowski at kaufland.com
> KI 967850: IT International / IT Governance / Netzwerk Design und 
> IT-Sicherheit
> Office:
> Lindichstrasse 11
> D-74189 Weinsberg
>
>
>
> http://www.kaufland.de
> http://www.spannende-it.de
> We are No. 1:
> Kaufland is "Best Grocery Store 2011"!
>
> Kaufland Informationssysteme GmbH & Co. KG
> Postfach 12 53 - 74149 Neckarsulm
> Limited partnership (Kommanditgesellschaft)
> Registered office: Neckarsulm
> Court of registration: Stuttgart HRA 104163
>
> Jules <Jules at zend.to> wrote on 01.03.2012 12:18 (sent by zendto-bounces at zend.to; reply to: ZendTo Users <zendto at zend.to>; subject: [ZendTo] Re: Antwort: Re: Security Issue - Data Leakage Prevention):
>
> On 01/03/2012 11:04, patrick.gaikowski at kaufland.com wrote:
>
>
>     Hello Jules,
>
>     Yes, I mean someone working for my company.
>
>     My idea would be some kind of "blacklist" for email domains used
>     in unregistered dropoff. Is there a possibility to implement it? 
>
>
> I don't quite see why this is only a problem with "unregistered 
> users", by which I guess you mean people from your own company who 
> haven't logged in?
>
> People who have logged in will be able to do the same.
>
> Note that ZendTo does log the IP address a drop-off came from, so you 
> would be able to see who had done it by looking through your logs.
>
> Why doesn't the user just copy it onto a USB stick that they have in 
> their pocket? Surely that's simpler? Or upload it to any of the 
> various free cloud storage services there are (such as Dropbox, 
> Evernote, iCloud, SkyDrive, etc etc)?
>
> Jules.
>
>
>
>     What other things can I do, not to prevent it completely, but
>     decrease the possibility?
>
>     Jules <Jules at zend.to> wrote on 01.03.2012 10:25 (sent by zendto-bounces at zend.to; reply to: ZendTo Users <zendto at zend.to>; subject: [ZendTo] Re: Security Issue - Data Leakage Prevention):
>
>     By "unregistered user" do you mean someone who works for your
>     company? If so, ZendTo won't stop them stealing files from your
>     company. No-one can stop that unless you cavity search your
>     employees at the end of each working day.
>
>     Jules.
>
>     On 29/02/2012 17:06, patrick.gaikowski at kaufland.com wrote:
>
>         Hello Jules,
>
>         one of my colleagues pointed a scenario out where he could
>         upload a file to outside the company without rights to do it.
>
>         For us it is a big security issue!
>
>         1.) unregistered user clicks on Drop-Off and sends an email to
>         his company email address
>         2.) unregistered user uploads a file from company network to
>         his own company email address
>         3.) unregistered user forwards the upload information to his
>         private email address from Mail Client
>         4.) unregistered user Picks up the file from his private PC
>
>         My question is, if it is possible to exclude the company email
>         domains, like defined in preferences.conf, from getting an
>         upload link to corporate email without Authorization?
>
>         _______________________________________________
>         ZendTo mailing list
>         ZendTo at zend.to
>         http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
>
>
>     Jules
>
>     -- 
>     Julian Field MEng CITP CEng
>     www.Zend.To
>
>     Follow me at twitter.com/JulesFM
>     PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
>     'It's okay to live without all the answers' - Charlie Eppes, 2011
>     'All programs have a desire to be useful' - Tron, 1982
>     'That is the land of lost content,
>     I see it shining plain,
>     The happy highways where I went,
>     And cannot come again.' - A.E. Houseman

Jules

-- 
Julian Field MEng CITP CEng
www.Zend.To

Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

'It's okay to live without all the answers' - Charlie Eppes, 2011
'All programs have a desire to be useful' - Tron, 1982
'That is the land of lost content,
  I see it shining plain,
  The happy highways where I went,
  And cannot come again.' - A.E. Houseman
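
The IP-based rule this message says ZendTo does not have ("if the user comes from this IP network, then they cannot send files to this email domain") can be written as a stand-alone PHP check, shown here as an added example that is not ZendTo code and was not posted in the thread. The function names, networks and domains are hypothetical, and it assumes the emailDomainRegexp pattern is applied to the domain part of the recipient address.

```php
<?php
// Added illustration, not ZendTo code. Every name and value here is hypothetical.
const INTERNAL_NETS   = ['10.0.0.0/8', '192.168.0.0/16'];  // constructed sample networks
const BLOCKED_DOMAINS = ['example.com'];                   // constructed company domain
// Assumption: stands in for emailDomainRegexp, applied to the recipient's domain part.
const ALLOWED_DOMAIN_REGEXP = '/^([a-z0-9-]+\.)*example\.(com|org)$/i';

// True if IPv4 address $ip lies inside $cidr, e.g. "10.0.0.0/8".
function ipInCidr(string $ip, string $cidr): bool
{
    [$net, $bits] = explode('/', $cidr);
    $ipLong  = ip2long($ip);
    $netLong = ip2long($net);
    if ($ipLong === false || $netLong === false) {
        return false;                       // not IPv4: treat as "not internal"
    }
    $mask = (int)$bits === 0 ? 0 : (-1 << (32 - (int)$bits)) & 0xFFFFFFFF;
    return ($ipLong & $mask) === ($netLong & $mask);
}

// True if $domain is a blocked domain or a subdomain of one.
function domainBlocked(string $domain): bool
{
    foreach (BLOCKED_DOMAINS as $b) {
        if ($domain === $b || substr($domain, -strlen($b) - 1) === '.' . $b) {
            return true;
        }
    }
    return false;
}

// Decide whether a drop-off to $recipient may proceed.
function mayDropOff(bool $loggedIn, string $clientIp, string $recipient): bool
{
    if ($loggedIn) {
        return true;                        // authorisation already granted at login
    }
    $domain = strtolower((string) substr(strrchr($recipient, '@') ?: '', 1));
    if (!preg_match(ALLOWED_DOMAIN_REGEXP, $domain)) {
        return false;                       // recipient must match the regexp
    }
    foreach (INTERNAL_NETS as $cidr) {
        if (ipInCidr($clientIp, $cidr)) {
            return !domainBlocked($domain); // internal and not logged in
        }
    }
    return true;                            // external sender, allowed recipient
}
var_dump(mayDropOff(false, '10.1.2.3', 'someone@example.com'));    // internal, not logged in
var_dump(mayDropOff(false, '203.0.113.9', 'someone@example.com')); // external sender
```

A check like this only covers drop-offs made without logging in; as the quoted replies note, logged-in users can still send files out, and the logged source IP remains the way to trace who did.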
