Don't block S/MIME on your mail server
With all the viruses out there these days, many mail servers simply block all attachments, or only allow a small set through. One set of attachment extensions that you don't want to block however are the extensions defined in RFC 2311 § 3.2.1 for S/MIME.
MIME Type File Extension application/pkcs7-mime .p7m (signedData, envelopedData) application/pkcs7-mime .p7c (degenerate signedData "certs-only" message) application/pkcs7-signature .p7s application/pkcs10 .p10
S/MIME allows people to sign or encrypt email messages. A S/MIME signature is created by basically creating a checksum (MD5, or SHA1), then the checksum is signed (RSA or DSA - S/MIME is also used for PGP).
Even if you don't sign or encrypt email yourself, its not a good practice to block these attachments - you may prevent someone (like me) who signs all their email from reaching you. Also S/MIME signatures are a good way for companies like PayPal who are plagued with Phishing scams to send trusted email to their customers. Just last week, I got an email from PayPal, which turns out was actually from PayPal - but I had to view the message source to confirm this. If they had signed the message I would know instantly.
- Docker Container exited with code 137
- Why is my cron.daily script not running?
- Announcing FuseGuard Version 3
- CFSummit 2017
- Java Unlimited Strength Crypto Policy for Java 9 or 1.8.0_151
- Java 9 Security Enhancements
- Upcoming CFML Conferences in April 2017
- CFSummit 2016 Slides