As part of company policy we tag doc/docx/xls/xlsx/rtf as bad content, to many illiterate users who open first ask questions later.
But in 5% of the cases the content is legit, we don't want the users having access to the bad content emails but we would like an IT Admin member to be able to get in and retrieve bad content emails if required.
All users have accounts and receive reports and release "spam" but we don't want them releasing Bad Content without either IT Admin looking first or asking us to do it for them.
I keep my fingers crossed that the answer is yes, it is easy and here is how you do it
Giving Admin/Root access to Bad Content
Re: Giving Admin/Root access to Bad Content
I had a very, very similar thread right below your question, why don't you take a look? => viewtopic.php?f=14&t=1707
-
- Posts: 26
- Joined: 28 May 2015 01:55
Re: Giving Admin/Root access to Bad Content
Thanks for that, it is close, except I want to leave my users with the ability to login and release standard spam level emails as well as manage their white/blacklists. If it isn't possible then I may have to go back to your solution and remove their abilities all together except I finally got them all autonomous so they don't run to be ever 30 minutes with a spam email release request. The CEO wants me to lock it down even more which is going to create even more false positives.
e.g. if the word winner, prize, contest, award is in the body then it is a SPAM +10
I wonder if there is a way to security trim out the Quarantine Section of the details.php so you have to have admin privileges if "Blocked File" is Y, hhhmmm.
e.g. if the word winner, prize, contest, award is in the body then it is a SPAM +10
I wonder if there is a way to security trim out the Quarantine Section of the details.php so you have to have admin privileges if "Blocked File" is Y, hhhmmm.
Re: Giving Admin/Root access to Bad Content
A little bit late but...
We have the same problem with office files. But we do this:
enable in clamd.conf both lines
Now we allow office files without macros.
We have the same problem with office files. But we do this:
enable in clamd.conf both lines
Code: Select all
ScanOLE2 yes
OLE2BlockMacros yes
-
- Posts: 26
- Joined: 28 May 2015 01:55
Re: Giving Admin/Root access to Bad Content
Interesting idea, although I just saw new word attachments where it basically tells the user "You have an old version of Microsoft Word" or words to that effect, click the html link below to receive the file or view the file online, etc etc etc the usual scam.
Buggers are getting to smart, our users are also too complacent.
Buggers are getting to smart, our users are also too complacent.