Solved

FME Server mail publication and virus security

  • 10 October 2017
  • 5 replies
  • 1 view

Badge +2

Hi, me and @thomas_merkus have this simple question on configuring FME Server to receive e-mails. If we wanted to configure FME Server to receive mail, we end up with a notification content that possibly contains a reference to an e-mail attachment, which is stored somewhere on the local system. But if that attachment contains a virus, how secure is that? As a human it is possible that I recognize the danger and thus I do not open the attachment. But for a machine as FME Server is, that could be not as simple as that, so the question is: how can we ensure that FME Server is not storing malicious software on the local disk?

icon

Best answer by david_r 10 October 2017, 17:45

View original

5 replies

Userlevel 4

I may be a bit paranoid, but I wouldn't allow FME Server to receive mail without some sort of filter somewhere. At the very least some powerful heuristic virus scanner on the mail server, but ideally I'd also consider only allowing pre-authorized senders (whitelist).

Badge +8

I may be a bit paranoid, but I wouldn't allow FME Server to receive mail without some sort of filter somewhere. At the very least some powerful heuristic virus scanner on the mail server, but ideally I'd also consider only allowing pre-authorized senders (whitelist).

Couldn't you still spoof the email like many Microsoft online systems have been getting hit with lately.

 

 

Userlevel 2
Badge +12

You could always use your regular email server (with virus protection I assume) and use notifications to get the contents and attachments.

Badge +2

Thanks for the answers :-) @erik_jan yes that is the plan however some mail slips through that, as @runneals suggests. @david_r whitelist seems a nice solution.

Userlevel 4
Couldn't you still spoof the email like many Microsoft online systems have been getting hit with lately.

 

 

Unfortunately, yes. I'd recommend looking into any possible anti-spoofing solutions in your mail filter. Here's some details from Symantec's implementation.

Reply