Printable View
my experience was,
1. education, make it known to users
2. stripping the attachment with known file extension, e.g. exe, com, scr ... even if in zip
3. notify user of the block immediately
if the attachment is genuine, the users will have to contact the sender themself and request the sender to double or tripple zip (this depends on how many level of zip that u r filtering) the file b4 sending it again.
rgds
de
There is some good software that will watch incoming mail for any virill activity.Isn't there some thing from norton that does all that i,m pretty sure there is.
ANTI-HACKERS
The easiest way is to use AV for mail servers. Norton has it, Kasperski has it. That software scans incoming mail on your mail server and notify recepients if it finds anything. That way you can stop worms that use HTML message body, not just attachments.
My ISP is using Kasperski and I didn't heard for any worm spreading in Banjaluka for some time.
We use norton for exchange and we havent been hit by a serious virus attack in a fairly long time. As for bypassing the restrictions in place it is fairly easy. You just change the extension and put it in a zip or two. The zip is only used if your protection checks out the header of the files rather than the extension. The differance is that for the virus, worm etc to execute it needs the action of a internal user. That is someone has to rename the file. As they say the biggest security loophole in any network is an uneducated user.
Appreciate your support guys but this thread is 2 years old :D