3 ???: Iptables, ClamAV+qmail, password program
I have 3 questions;
1) Is there any way/program other than iptables to bind an IP to a MAC address bcoz i have certain machines on my network to whom i allow unrestricted access to certain resources and i want to avoid IP spoofing. I can do with iptables but jus wannan know alternate ways 2) I use qmail-scanner with clamav and my company's policy is to reject certain extensions like archive extension (zip,rar etc) as attachments. But i find it can be easily bypassed by changing the file extensions to say an allowed extension like .doc . how can i stop this. 3) Is there a browser based program like this: http://sarg.sourceforge.net/chetcpasswd.php that will let my users change thier qmail (smtp/pop) password remotely. Currently i'm using OmailAdmin but i wan't just a simple password change only webpage. thank you |
|
Is ther a solution for my 2 question thank you. It can be easily bypassed by changing the file extions. Why can't clamav detect the file as zip even if it's renamed to .doc extension and then block it.
|
because when a zip file is renamed to .doc it's no longer a zip file anymore. it's a .doc file... sure no office program will open it... but that's just the way it is. there would be so much overhead on mail servers if they had to attempt to rename every attachment to every known file extension just to see which correct extension it is. if it could even do that... and what about mac osx... you don't even need filename extensions
|
the reason i ask this is coz in my previous organization i used to rename the blocked zip archives to doc and some prgram running with qmail used to block it even then !!! now i can't ask that administrator how he did it or what he used ? may be the program cud scan it's header
|
All times are GMT -5. The time now is 05:46 PM. |