I've recently found out that when an end-user whitelists an email in Barracuda, that email completely bypasses all scanning, not just spam filters. I confirmed this with several support techs, and it's a huge security gap since any malicious emails from whitelisted addresses would go straight through. As a precaution, I disabled the whitelisting feature for end-users and cleared their existing whitelists, but that hasn't gone over well with the staff. Now, I'm looking for alternative solutions and would love to hear about others' experiences with this security issue.
5 Answers
Wow, that sounds risky! We moved away from Barracuda a while ago after our MSP recommended another solution. Right now, we’re on Mimecast, but I have issues with users blocking domains without understanding why, especially from common services like Gmail.
This has been how it works for a while now. You made the right call by preventing end-user whitelisting; it puts the responsibility back on IT. We do allow whitelisting, but emails still have to get through several levels of security.
I remember asking about this a few years back, and was told that whitelisting skips most checks. However, they mentioned that some basic checks like virus scanning still apply, but I’d double-check that—it’s worth being certain.
We use Sophos for email protection, and while there are a few things I'd tweak, it generally performs well. The whole idea of users being able to whitelist and bypass checks seems crazy to me!
Yeah, the security settings in Barracuda are definitely not the best. Whitelisting allows emails to bypass all sorts of checks, including SPF and DKIM, unless you set specific exceptions.
