iNotes® attachment blocking
To reduce the risk of unauthorized access to confidential information, you can configure SafeLinx to restrict external users from sending or receiving attachments.
Outside of the firewall, file attachments sent through email can be targeted in snooping attacks that expose sensitive information to unauthorized access. To increase security and reduce the risk of unauthorized access to confidential information, organizations that support access to iNotes® mail from outside the firewall might want to restrict external users from sending or receiving attachments.
Although the Domino® server provides some native support for blocking attachment for iNotes® users, the Domino® restrictions apply to all iNotes® users on the server. If you apply attachment restrictions to a user in Domino®, the restrictions apply regardless of whether the user connects to iNotes® from inside or outside of the firewall.
If you want to allow the internal use of attachments, but block external use for security reasons, you can configure the SafeLinx HTTP access service to enforce attachment blocking. Users on the internal, trusted network, who connect to iNotes® servers directly, can continue to use attachments normally. But when an iNotes® user connects from outside the firewall, the connection passes through the SafeLinx gateway, which applies the attachment restrictions that are configured for the HTTP access service.
In cases where the SafeLinx settings conflict with the Domino® settings, the greater level of restriction takes precedence. That is, if the Domino® server restricts users from sending or downloading attachments at the same level as SafeLinx or greater, then the SafeLinx restrictions do not take effect. However, if the Domino® server restricts attachments at a lesser level than SafeLinx does, then the SafeLinx restrictions are implemented. For example, if Domino® is set to block attachment downloads only, and SafeLinx is set to block all attachments, then all attachments are blocked.