LinuxQuestions.org

tarekeldeeb 12-09-2010 05:20 AM

Can a firewall block unencrypted email attachments from being sent?
 
Hello all,

I manage a Linux-based network, where some projects are currently under development. Our IT policy states that any email attachment shall be encrypted using GPG.

Can I block other attachments using a firewall?

Note: Currently our mail server is not on campus. So I can only use a firewall for this security issue.

Thanks,
Tarek

nowonmai 12-09-2010 05:47 AM

Not really. I suppose you could enforce a policy whereby the encrypted item had a specific mime type assigned. You could then configure the MTA to reject all other mime types on outgoing messages.

tarekeldeeb 12-10-2010 05:20 AM

Quote:

Originally Posted by nowonmai (Post 4185774)
Not really. I suppose you could enforce a policy whereby the encrypted item had a specific mime type assigned. You could then configure the MTA to reject all other mime types on outgoing messages.

Thanks for your reply.

I am still new to this security world.

Using gpg with Ubuntu, encrypted files with the gpg extension have the MIME type:
PGP/MIME-encrypted message header (application/pgp-encrypted)

Is this what you mean?

I googled for MTA, it appears to be the main part of the mail server. But I do not have any, I host my mail remotely.

Can a firewall be configured to filter out other MIME attachments?

Thanks for your time.

nowonmai 12-10-2010 06:56 AM

You would still need to use an MTA to handle the filtering, as a firewall, or at least iptables, does its filtering at packet level. You could configure Postfix (for example) to be your local SMTP server and deliver through this, while still collecting from the remote server via POP3.

Dani1973 12-10-2010 08:09 AM

Like nowonmai said, you will need an MTA for this.

What you could do is set your firewall to restrict mail communication to your external server and use the MTA of that server.
But imho it would be better to solve that locally right away.
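
The MIME-type policy discussed in this thread, sketched as a check that a local outbound relay could run on each message. This is an added example, not code posted by any participant; the function names, the sample addresses and file names, and the idea of calling it from a content-filter hook are assumptions.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

ALLOWED_TYPE = "application/pgp-encrypted"  # MIME type named in the thread
ARMOR = b"-----BEGIN PGP MESSAGE-----"

def looks_like_openpgp(data: bytes) -> bool:
    # ASCII armor, or a binary OpenPGP packet (bit 7 of the first octet is set).
    data = data.lstrip()
    return data.startswith(ARMOR) or (len(data) > 0 and data[0] & 0x80 != 0)

def violations(raw: bytes) -> list:
    """Reasons to reject an outbound message; an empty list means accept."""
    msg = message_from_bytes(raw, policy=policy.default)
    # PGP/MIME (RFC 3156): the whole body is a single encrypted container.
    protocol = str(msg.get_param("protocol") or "").lower()
    if msg.get_content_type() == "multipart/encrypted" and protocol == ALLOWED_TYPE:
        return []
    problems = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name is None and part.get_content_disposition() != "attachment":
            continue  # inline body text, not an attachment
        ctype = part.get_content_type()
        if ctype != ALLOWED_TYPE:
            problems.append(f"{name}: {ctype} is not {ALLOWED_TYPE}")
        elif not looks_like_openpgp(part.get_payload(decode=True) or b""):
            problems.append(f"{name}: labelled encrypted but not OpenPGP data")
    return problems

def sample(filename: str, subtype: str, data: bytes) -> bytes:
    # Constructed test message with one attachment (addresses are placeholders).
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "dev@example.org", "peer@example.net", "build"
    m.set_content("See attachment.")
    m.add_attachment(data, maintype="application", subtype=subtype, filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for msg in (sample("spec.pdf.gpg", "pgp-encrypted", b"\x85\x01\x0c\x03" + b"\x00" * 16),
                sample("spec.pdf", "pdf", b"%PDF-1.4 constructed"),
                sample("fake.gpg", "pgp-encrypted", b"%PDF-1.4 constructed")):
        print(violations(msg) or "accept")
```

The declared MIME type is chosen by the sender, so the check also looks at the first bytes of the payload; it confirms OpenPGP framing, not that the content was encrypted to the intended recipients.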

tarekeldeeb 12-11-2010 05:05 AM

Thanks for the great info.

I appreciate your help.


All times are GMT -5.