Whitelisting instead of blacklisting

[Georg82]

Hi,

wouldn't it be better if all attachment are blocked by default and only a list of specific extensions are allowed?

All extensions are blocked

List of extensions are allowed with a warning
ZIP, DOC, XLS

List of extensions are allowed without any warning
PDF, jpg, txt

This would minimize the risk of unknown dangerous extensions. For example, at the moment the extension ISO is missing in the default list of blocked extensions. Windows 10 mount automatically this file and may cause damage to the system because of auto play function. And who knows every existing extension that may be cause a problem.

Best regards

Georg

[jdede]

Dear Georg,

thank you for your feedback. I thought about this idea when I started the project. According to my experience, the blacklisting / greylisting is sufficient and works for the majority of users without the need of further configuration.
A whitelist of extensions is (depending on the area) hard to define and contentiously changing. Therefore, I decided to blacklist the extensions as recommended by the google list and greylist a couple extensions commonly used for phishing attacks.

Regarding ISO etc: There is no 100% protection. There exists even attack scenarios with jpg and pdf files. And one should also use a proper virus scanner.

Best regards
Jens