This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Notification to sender if an email gets quarantined

Hi everyone!

Is there a way in UTM 9 to let the sender of an email know, that his email has been quarantined?

For example if the email is blocked due to an "File Extension Filter", the sender should be notified, that his email has been blocked.

And/or is it possible to notify the recipient?

Thanks for your help!

Tom



This thread was automatically locked due to age.
Parents
  • You may have noticed that UTM is not getting many wish-list items implemented, so expect the best ideas to appear in a different product, rather then UTM.

    However, this idea is not likely to be implemented ever.   Your request assumes that the (a) the reply will go to the actual originator of the message, and (b) the recipient does not have malicious intent.   The email infrastructure is so insecure that these are not reasonable assumptions, which is why you are blocking those attachments in the first place.

    If the sender is fraudulent and impersonating, the reply may go to someone who did not send the message.   If the spammer is hammering you, your replies may begin hammering the third-party, and that third party may cause you to be blacklisted.   

    If the sender is not impersonating, but hostile, you still have a problem.  Telling him that his Office Macro attack did not work will only help him move more quickly to a different attack vector.

    Of course, you also have the problem of the legitimate sender who is infected.  So your best friend may be sending you an Office Macro attack when he only thinks he is sending you a simple document.

    The whole thing stinks, but IETF is interested in interoperability, not security.   Microsoft has nothing to brag about either.

Reply
  • You may have noticed that UTM is not getting many wish-list items implemented, so expect the best ideas to appear in a different product, rather then UTM.

    However, this idea is not likely to be implemented ever.   Your request assumes that the (a) the reply will go to the actual originator of the message, and (b) the recipient does not have malicious intent.   The email infrastructure is so insecure that these are not reasonable assumptions, which is why you are blocking those attachments in the first place.

    If the sender is fraudulent and impersonating, the reply may go to someone who did not send the message.   If the spammer is hammering you, your replies may begin hammering the third-party, and that third party may cause you to be blacklisted.   

    If the sender is not impersonating, but hostile, you still have a problem.  Telling him that his Office Macro attack did not work will only help him move more quickly to a different attack vector.

    Of course, you also have the problem of the legitimate sender who is infected.  So your best friend may be sending you an Office Macro attack when he only thinks he is sending you a simple document.

    The whole thing stinks, but IETF is interested in interoperability, not security.   Microsoft has nothing to brag about either.

Children