I¹ve had great experiences with Antigen (formerly Sybari, now Microsoft) on this very topic. Antigen opens all zips and quarantines those that have infections. Password protected ones can be automatically quarantined. Another great feature is the ability to scan and/or filter files that have had their extensions changed in an attempt to get past a mail filter it opens the file up and examines it rather than just relying on .zip as the extension to identify it. Great stuff. Rick On 7/25/06 8:49 AM, "Arnold, Jamie" <harnold@xxxxxxxxxxxxxx> wrote: > Martin: > > May I ask what you use to quarantine them? > > Thanks > > > From: exchangelist-bounce@xxxxxxxxxxxxx > [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Martin Blackstone > Sent: Tuesday, July 25, 2006 8:33 AM > To: exchangelist@xxxxxxxxxxxxx > Subject: [ExchangeList] Re: file filtering best practice? > > We quarantine them, then release if they are OK. > The users don't love it, but they understand it. > > > > From: exchangelist-bounce@xxxxxxxxxxxxx > [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Arnold, Jamie > Sent: Tuesday, July 25, 2006 5:31 AM > To: exchangelist@xxxxxxxxxxxxx > Cc: Exchange2000@xxxxxxxxxxxxxxx > Subject: [ExchangeList] file filtering best practice? > In dealing with zip files specifically, I¹m wondering what is considered the > ³best practice²? We simply remove the file at our edge proxy, but have been > getting a little flack from a few users. Our data shows that nearly 94% of the > .zip files that come in via email are infected so I¹m not likely to be > convinced to allow them through. > > What say you? >