Bloques de mampostería en base a lodos residuales incinerados

Should it be necessary for a message to be released from@@DELAYEDearly, theadminuser (or other user with appropriate permissions) may manually release it. Note, however, that a message released from@@DELAYEDmay be re-quarantined in its normal stream because of spam-scoring rules. That is because messages released from@@DELAYEDare scanned by CanIt-Domain-PRO as if they had never been seen before; CanIt-Domain-PRO does not correlate what it believes to be a brand new message with anything in the@@DELAYEDstream.

13.3

Stripping Attachments

In addition to delaying, holding or rejecting mail based on characteristics of attachments, CanIt- Domain-PRO can strip attachments out of messages before forwarding the message. You can con- figure CanIt-Domain-PRO to strip out attachments and store them for retrieval via the Web interface, or simply to strip them out and discard them.

Attachment-stripping rules can be set per-stream, but only the realm administrator can create or edit attachment-stripping rules; normal users cannot. In addition, all streams inherit default’s attachment-stripping rules, even if the “Inherit rules from ’default’ stream” setting is set toNo. To create attachment-stripping rules:

1. Click onRulesand thenAttachment Stripping. You see the Attachment Stripping Screen:

Figure 13.2: Attachment-Stripping Rules

2. Enter a filename pattern in theFilename Patternbox. This pattern is interpreted exactly as for Delayed Attachments.

3. Enter a comment in theCommentbox.

4. Choose anActionsetting to determine how CanIt-Domain-PRO handles the filename pattern:

• Keep in Messageindicates that CanIt-Domain-PRO should not strip the attachment out. This setting can be used in a particular stream to override settings indefault.

• Strip and Store on Serverindicates that CanIt-Domain-PRO should remove the attach- ment and store it in the PostgreSQL database. CanIt-Domain-PRO will also add a message indicating that the attachment was stripped, and provide a link whereby the message re- cipient can retrieve the attachment.

• Strip and Discardindicates that CanIt-Domain-PRO should remove and discard the at- tachment. CanIt-Domain-PRO will add a note to the message indicating that the attach- ment was discarded and cannot be retrieved.

5. If you choseStrip and Store on Serveras theAction, then enabling theRequire Approval?

checkbox will force administrators to approve the release of held attachments. 6. ClickSubmit Changesto create the rule.

13.3.1 Approving the Release of Stripped Attachments

If an attachment rule specifiesRequire Approval, then when an end-user clicks on the link to retrieve the attachment, he or she will receive a notification stating that an administrator must approve the release of the attachment, as well as a code to supply to the administrator. To approve the release of an attachment:

1. Click onRules:Attachment Stripping

2. Click on theApprove Attachment for Releaselink near the bottom of the page.

3. Enter the code supplied to you by the administrator. 4. Preview the attachment if necessary.

Chapter 14

URL Proxying

CanIt-Domain-PRO’s URL Proxying feature can help mitigate phishing attacks that trick users into visiting hostile web sites and entering sensitive information. It does this by rewriting URLs in message bodies to go to a proxy page that warns users not to enter sensitive information. Users can then click on a link in the proxy page to visit the original URL. We call the rewriting of the linkredirectingthe link.

Here is a screenshot showing what happens when a user clicks on a redirected link:

Figure 14.1: Redirected Link

In Figure 14.1, the original sender sent an email containing the link http://www.cnn.com/WORLD/?hpt=sitenav. CanIt-Domain-PRO redirected the link to its proxy page. The proxy page shows the user the original link, the server hostname, and (if it can be determined) the approximate location of the server. It also displays a warning not to enter sensitive information. This can help to educate users about the legitimacy of the site and to remind them not to enter sensitive information.

To continue to the original site, the user merely needs to click on “I understand and wish to follow the link.”

14.1

Configuring URL Proxying

By default, CanIt-Domain-PRO proxies only URLs on the Known Phishing URLs list (Section6.4.2). To enable URL proxying for other URLs, you need to create URL proxying rules.

There are two basic strategies for using the URL proxying feature:

1. Enter a list ofsafe domainsthat shouldnotbe redirected, and have CanIt-Domain-PRO redirect everything else. This is the safest approach, but can be annoying as most URLs end up getting redirected.

2. Enter a list ofquestionable domainsthatshouldbe redirected, and do not redirect anything else. If you have a list of commonly-abused domains such as free form-creation sites, this can be a viable method of cutting down on phishing while keeping the annoyance factor to a minimum. To create URL proxying rules, click on Rules and then URL Proxy. The URL Proxy Rules page appears:

Figure 14.2: URL Proxy Rules

• To enable URL proxying, set “Enable URL Proxy?” toYes. This is a normal stream setting, so if you set it in thedefaultstream, it is inherited by other streams in the current realm and all subrealms.

Scanning messages for URLs and replacing them may be expensive, so if a stream does not need URL proxying, it is best to leave the setting atNo. If the setting is No, then any URL Proxy Rules are ignoredandthe Known Phishing URLs list is not used.

• Set your default policy by entering a domain of*and either enabling or disabling theRedirect