[Cialug] OT - maybe - out-going e-mail address blacklist ???

David Champion dchamp1337 at gmail.com
Tue Jul 24 11:38:26 CDT 2012


Right, that's why you want a UTM firewall device (like the Fortinet) that
can handle all of those cases.

-dc

On Tue, Jul 24, 2012 at 8:56 AM, Tim Kromphardt <aaronmit at gmail.com> wrote:

> You would also have to limit employee internet access to webmail (gmail,
> yahoo, etc) as the transfer of sensitive data might be
> stopped via exchange, but a little copy / paste and the employee could
> easily circumvent it.
>
> On Tue, Jul 24, 2012 at 8:47 AM, Josh More <jmore at starmind.org> wrote:
>
> > The cheap tools, yes.
> >
> > The more expensive tools to chunk indexing and can be pointed at a
> > data repo, either a file share or a DB column.  It then prevents that
> > data from leaving the environment.
> >
> > DLP is, however, easily subverted by encryption, so for it to be
> > effective against deliberate threats, it must be coupled with egress
> > whitelisting... which is challenging in its own right.
> >
> > -Josh
> >
> > On Tue, Jul 24, 2012 at 8:44 AM, Nathan C. Smith <nathan.smith at ipmvs.com
> >
> > wrote:
> > > A lot of the tools available to companies to manage information loss
> > look for and block specific information such as Social Security numbers
> and
> > credit card numbers etc.  In my admittedly limited experience, these are
> > challenging to use for anything other than the most basic cases.
> > >
> > > -Nate
> > >
> > >
> > > -----Original Message-----
> > > From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On
> > Behalf Of Rob Miller
> > > Sent: Tuesday, July 24, 2012 2:31 AM
> > > To: Central Iowa Linux Users Group
> > > Subject: [Cialug] OT - maybe - out-going e-mail address blacklist ???
> > >
> > > Every once-in-a-while I have a curious idea that I'm not sure to which
> I
> > can find the answer.  I do know that someone on this list will know the
> > answer.
> > >
> > > Is there a corporate e-mail system like Exchange or some other part of
> a
> > network like the firewall that has a feature that would block an
> out-going
> > e-mail message being sent to a specific address? I'm thinking this might
> be
> > described as an out-going blacklist or a reverse blacklist.  I'm thinking
> > that this might be of interest to info security managers and paranoid
> > corporate types so that employees would be blocked from sending corporate
> > secrets immediately and directly to an address within a competitor's
> > network or to a media outlet.  Maybe a government organization would want
> > to prevent an employee from sending messages to jassaunge at wikidrips.orgorusing an anonymous remailing service like who remembers "
> > anon.penet.fi" ???
> > >
> > > An even cooler concept would be some type of routing code that could be
> > added to a message as it was leaving its home network that would prevent
> > anyone from forwarding the message to specific addresses.  I guess that
> > would solve the problem of a message being sent to an anonymous remailer.
> > >
> > > TIA for any replies, discussion, etc.
> > >
> > > Rob Miller
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
>
>
>
> --
> Tim Kromphardt
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>


More information about the Cialug mailing list