Need to block email attachment



  • Hi All,

    I am having a netgate sg 3100 in my network and all end-users are connected to the same. I need to block all attachment in any email. Please let me know if it is possible or not



  • Hi,

    This is something that has to be implemented into the mail server. Every mail server. Thus impossible.

    Sending and retrieving mails is being done using SSL connections more and more often, so pfSense can't "see" in the data stream that it is an "email".

    And even if you pulled it off, people stopped using their fat mail client, to browse to their web mail, and then download or upload the attachment. All this will be done over https;//, leaving you out of the game completely.

    Read also, for example, https://security.stackexchange.com/questions/14120/open-source-tool-to-block-email-attachments

    edit : if you have people on your network(s) that are capable of downloading (or sending) unknown, potentially dangerous files as attachments, then you throw them on a captive portal and Wifi , using AP's with client isolating activated (== no more local network sharing) and if there is more then one AP, also enforce sharing among these AP's.
    Only then people (clients, visitors) can mess up badly, and only have their device being fckd up without exposing others on your local net(s).