JaguarPC blocks .eml attachments

[FromRedmond]

My friend could not send me .eml attaches, and git them back. I could not even imagine that jaguarPC blocks them.

Sending another email as an attachment is a one of standard features of Microsoft Outlook Express that is one of the most common email clients in the world.

Why are they blocking them? Emails that does not fall under spam/spam assistant roles? If tomorrow viruses will be emulated in .doc, and .xls files, are they going to block Word and Excel documents? Are they supposed to be in business?

Why this "feature" from JaguarPC has not been announced? Why they do not send email, that xxxx email was blocked because appropriate attachment can get infected?

People reading this forum, what do you think about it? Is it work for you? Help you in your bussness?

With the policy that JaguarPC has right now, I have probably to looking for another hosting provider, because this service absolutely unacceptable. I can accept when they block scripts/executables such as vbs, js, bat files, but blocking program associated files? It is out of mind.

[Vin DSL]

Originally posted by FromRedmond
People reading this forum, what do you think about it?

Doesn't bother me. Sending files via mail is problematic in many respects. If it isn't this, it's that, or something else. If you want to send each other 'stuff' use FTP, or ZIP it up. Having files laying around on shared servers is dangerous as hell. I doubt if they will change their policy on this any time soon, so don't hold your breath...

[stevenha]

Gee, I didn't know they blocked .eml attachments. I hate those attachments. As long as they don't block useful attachments like .doc, .xls, .pdf, .jpg etc, then I'm content.

[Connie]

Not sure what you mean that Jag blocks e-mail attachments. I often send attachments
without any problem and most of our Junk (Spam) e-mail received has attachments.

If Jag is blocking some outgoing attachments that is probably good. Zip the
files as Vin suggested and you should not have any problems. Like stevenha
I hate attachments. If you and a friend want to swap attachments use your ISP e-mail rather than your site e-mail.

Just my HO.    

[Vin DSL]

eMail is supposed to be mail, not parcel service, so to speak. Some servers limit the attachment size to 1Mb, or whatever. Others don't allow a multitude different types of attachments. Firewall proggies like ZoneAlarm don't allow you to open attachments, and so on, and so forth. That's what I mean by it being problematic. Personally, I quit using eMail to send files over the web (probably) 5 years ago. It's just too much of a hassle these days, IMHO...

[Vin DSL]

You might find this interesting...

Originally posted by JagPC Tech Support

**************************************** **

2004-01-07 / 19:35:56
Hi

This is server wide setting , changing this might compromise the system.
There are several file extensions that the exim blocks. The following are the extensions that we block for server security.
==============
ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc
===================

So please ask the client to zip the file and send so that you could receive it without any problem.

Regards,
Suresh
Support Dept.

[Pete99]

I was very disappointed to discover today that Jaguar is blocking .eml attachments.

Obviously some of you that posted in this topic do not know what an .eml attachment is. An .eml attachment is simply another email message (with or without attachments) that you attach to the message that you're sending. This is often necessary when you need to preserve every aspect (including the headers) of the original message.

There is a much larger problem here, though. That is that the people at JaguarPC have taken it upon themselves to determine what us customers can or can not receive in our email messages. They say that they're doing this for the "greater good"... they're protecting us like our Big Brother. What's next, will they start reading the content of the messages and block messages that contain words that are offensive to them and claim that they have to block these messages to protect everybody from getting hurt? We are adults. Let us decide which attachments we want to receive. This is why we have anti-virus software on our computers.

There are two things that I think that JaguarPC should change:

1) Give us customers the choice about which attachments we want to receive.

2) In the meantime, we should have an option to be notified when JaguarPC blocks an email containing a "dangerous" attachment. It's inappropriate to reject an email and notify the sender but fail to tell us.

There is not that much that differentiates one good web host from another. However, indiscriminately blocking attachments without giving us customers any choices in the matter is bad enough that I plan to investigate other web hosts at renewal time that don't treat their customers like children.

[lookout]

I suspect the potential for attachments opened up via webmail programs on Jaguar's servers, rather than via locally based email clients like Outlook Express, are among the reasons for Jaguar's concern. You may not like it, but it's probably a necessary evil, part of server administration. Personally I have no problem with the policy, but I understand your preference to have more control over this yourself.

I'm not sure why Jaguar thinks .eml file extensions fall under the dangerous attachment category though. They don't block Outlook .msg attachments (as yet). I'd be interested in their rationale behind this myself.

Besides trying the zip suggestion, you could always save the message, rename its file extension to something that Jaguar finds more palatable, and attach the renamed file. I've tried it and it sails through fine. Upon receiving it, the recipient would need to save it and rename it back to view it. Kind of a pain, but it is another workaround.

[Pete99]

Thanks for the insights, Paul.

1) I don't buy into JaguarPC's explanation that it's necessary to block these attachments to protect their servers. First of all, their servers should not be reading and executing attachments from their customers' private emails. Second, if we use the webmail program and run an attachment in our web browser, how does that execute any code on their server? Surely it cannot unless their webmail software is really awful. Third, their servers should have anti-virus software running on them just like my PC does. I think that their policy is just an excuse on their part to make it easier for their SysAdmins at the expense of customer flexibility.

2) It's interesting that JaguarPC accepts .msg attachments but not .eml attachments. More interesting is that we can simply rename an attachment and their servers ignore it. This means that the virus writers will simply rename their attachments and spread their viruses anyway while us customers suffer unnecessarily by having legitimate attachments blocked. In fact I just tried this. I renamed a .exe file with a .txt extension. As you said, it sailed through JaguarPC's servers. The recipient would think that it's a text file. This is their idea of anti-virus protection?

3) Telling us that we need to zip attachments such as .eml files is like going to the post office and being told that we cannot mail a letter unless we put it in a box. This is extremely inconvenient.

4) There's another option that JaguarPC could use. Instead of indiscriminately blocking attachments with certain file extensions, they could use a virus-checker that scans incoming messages for viruses and, ONLY IF FOUND, then block the message. And of course have the option to notify both the sender and the recipient that this happened. This is how http://fastmail.fm does it. They use and recommend http://www.kaspersky.com/

Now that I think about it, if I could somehow completely bypass JaguarPC email servers and have all email from my domain sent directly to my email account at FastMail, that would solve the problem for me (although I will still have to re-evaluate using JaguarPC as my web host out of principle).

Anyway as you can tell, I'm quite frustrated with their policy. Thanks for listening. I'm usually nicer.

[lookout]

Not to worry about the .exe file renamed with a .txt extension sneaking past and carrying a virus payload. The recipient would most likely be opening up the file in a text editor, not executing the code. It couldn't do much damage until it's renamed back to a recognizable executable extension and opened. Hopefully your own virus protection is up to date and will kick in if necessary when you do that. BTW, the zip approach works in much the same manner. All you're doing is fooling the filters with a different file extension. In that case, it's one that is associated with a handy file compression utility.

I do find it odd that .eml attachments are banned but not other common Microsoft Office generated documents. Is it a spammer thing to abuse the .eml file type more, another file association type, or is it something else? I've found other hosts that ban that type too.

This thread over at webhostingtalk might be of interest to you. Seems that the primary concern there is with the spread of viruses to the customer's own computer. Of course, email attachments can be a source of other kinds of mischief too. Jaguar is simply aiming at the source.


Host-driven, pre-delivery email scanning has been a touchy subject here, as it is with some other hosts I know. I agree that the very basic EXIM driven, server wide, attachment filtering that Jaguar has in place leaves something to be desired. But I also think that they rightfully believe it less invasive than a full fledged, server based virus protection and spam filtering scheme. Jaguar is hardly alone in such thinking. I've found quite a few hosts who take a similar approach to banning potentially harmful file types (as well as limiting email attachment sizes). That kind of concensus doesn't necessarily make it the right approach, but then I don't think it clearly indicates the wrong approach either.

I wonder if Jaguar would be willing to relax their .eml ban for now? They must have their reasons, but it wouldn't hurt to ask.

[Pete99]

I have posted a review of JaguarPC at FindSP.com so that people who are evaluating potential web hosts for their domains will have fair warning that JaguarPC blocks certain email attachments. It's at http://www.findsp.com/Hosting/Review...ompanyID=2120&