Uploaded image for project: 'WebTop'
  1. WebTop
  2. WT-1116

Proactive Security

    XMLWordPrintable

Details

    • New Feature
    • Status: Closed
    • Medium
    • Resolution: Done
    • Mail
    • None
    • develop
    • 5.15.0
    • wt-5.17.0
    • 0535

    Description

      A new feature should allow to activate pro-active security during mail view.

      Once enabled, when showing an email, the system should activate alerts to the user, in these default conditions:

      • the email contains external links and/or dangerous attachments (based on file extension and/or mime-type)
      • the link domain is different from the sender domain
      • the sender is not in my domain
      • the sender is not in my auto-saved contacts (meaning I never replied to this sender)
      • the sender is not in any of my contacts
      • the html does not contain unsubscribe directives (meaning it's probably a normal newsletter)
      • the sender is in any of my contacts but with a different displayname
      • the sender has fake patterns, such as a displayname containing an email that is different from the sender email
      • spam score is yellow and rspamd header has FORGED_SENDER

      By default the system will also add these new actions:

      • antispam score visualizations, via some kind of redlight showing green, yellow or red
      • check for click action on the link, prompting for confirmation
      • warn about zip attachments

      By default the system will keep disabled these new actions:

      • geolocalization (because it may require a paid GeoIP account)

       

      More options should be available to disable checks granularly, and produce more nasty alerts:

      • even if the link domain is same as the sender domain
      • even if the sender is in my domain
      • even if the sender is in my auto-saved contacts (meaning I never replied to this sender)
      • even if the sender is in any of my contacts
      • even if the sender is in any of my trusted contacts categories
      • even if the html contains unsubscribe directives
      • even if the sender is in any of my contacts with same different displayname
      • even if the sender has no fake patterns

      More options to disable these actions:

      • antispam score visualizations
      • check for click action on the link
      • warn about zip attachments

      And to enable these actions:

      • geolocalization

       

      To allow for granular configuration of these combinations on users/groups, all these options should be available through admin authorizations, allowing for creation of roles combining the various alert options for different kind of users.

      Attachments

        Activity

          People

            gabriele.bulfon Gabriele Bulfon
            gabriele.bulfon Gabriele Bulfon
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Packages

                Version Package