How Intrusion Prevention killed my Backupify .eml Downloads

A few weeks ago I wrote about Backupify.com, a cloud backup service that backs up data from your cloud apps into other parts of the cloud (or is it to different clouds all together?). To recap, I ran into a problem at work accessing my gmail backups. Backupify makes the backup of individual emails available as .eml downloads. I was getting 0KB files that were empty shells with no email data at work but at home it was working fine.

Turns out one of the security modules (Intrusion Prevention) in our Untangle security appliance at work is set to block (or in this case strip content from) .eml files downloaded via http. I discovered this after a helpful email from Untangle support suggested I turn off security modules one by one to determine the culprit. There are half a dozen different security modules in Untangle for everything from SPAM to Ad blocking and of course it was not until the last one was flipped off that I was able to download the .eml file. As soon as I knew it was the Intrusion Prevention module I was able to look at the log and see the specific rule that was causing the problem (#1233: WEB-CLIENT Outlook EML access).

And actually I think blocking .eml downloads from the web is a good thing so I will be leaving that particular rule in place. If I need to restore an email I can do it from home. It would be nice to be able to download my backed up email in a zip file or some other format that is not commonly identified as a security threat but I really can’t complain about a free service that is protecting my cloud data from the possibility of spurious dissipation.

If I want to think about deploying Backupify to my staff to protect their Google Apps accounts, now that is another matter.

Advertisements