RE: virus blocking

  • From: "Sean Rector" <srector@xxxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 5 Sep 2003 16:57:47 -0400

I'm sorry, John, but that is incorrect.  Symantec's AntiVirus Filtering for
Exchange runs on the Exchange server, and deletes (if that is how you have
it set up) the messages before they hit the in-box.  To increase that level
of protection, it is possible to set up Symantec's SMTP Gateway, which will
kill the messages before they hit the Exchange server.

----- Original Message ----- 
From: "John Tolmachoff (Lists)" <johnlist@xxxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, September 05, 2003 3:04 PM
Subject: [isalist] RE: virus blocking


> http://www.ISAserver.org
>
>
> But that is on the desktop, which is the last line of defense.
>
> While Symantec does indeed do a great job of stop viruses at the desktop,
do
> you relay on the lock on your bedroom door at night, or do you lock the
> front and back door to your house as well?
>
> John Tolmachoff MCSE CSSA
> Engineer/Consultant
> eServices For You
> www.eservicesforyou.com
>
>
> > -----Original Message-----
> > From: Sean Rector [mailto:srector@xxxxxxxxxxxxxxxx]
> > Sent: Friday, September 05, 2003 11:51 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: virus blocking
> >
> > http://www.ISAserver.org
> >
> >
> > Most of our customers have purchased Symantec's Enterprise edition of
> > Antivirus software, which includes the AV Filtering for Exchange.  It
does
> a
> > great job of blocking files/emails, and I recommend it wholeheartedly.
> >
> > ----- Original Message -----
> > From: "Musser, Dale" <musser@xxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Friday, September 05, 2003 2:36 PM
> > Subject: [isalist] RE: virus blocking
> >
> >
> > > http://www.ISAserver.org
> > >
> > >
> > > That is exactly what I am looking for and trying to find out how to
do.
> > >
> > > Dale
> > >
> > >
> > > -----Original Message-----
> > > From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
> > > Sent: Friday, September 05, 2003 2:36 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: virus blocking
> > >
> > >
> > > http://www.ISAserver.org
> > >
> > >
> > > Sending notifications on attachment blocking is a very good idea, one
> > > which I and many others I know do. However, the catch is, you should
> > > only send out notices IF you are using a e-mail AV product in front of
> > > the banned attachment processing.
> > >
> > > This way, if an infected message comes in with a attachment called
> > > patch.exe, the AV software picks it up and (had better be) only sends
> > > appropriate notices. If the file is clean, then ban it and send the
> > > notice.
> > >
> > > John Tolmachoff MCSE CSSA
> > > Engineer/Consultant
> > > eServices For You
> > > www.eservicesforyou.com
> > >
> > >
> > > > -----Original Message-----
> > > > From: Musser, Dale [mailto:musser@xxxxxxxxxxx]
> > > > Sent: Friday, September 05, 2003 9:47 AM
> > > > To: [ISAserver.org Discussion List]
> > > > Subject: [isalist] RE: virus blocking
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > >
> > > > That is a good point, I actually got the idea from a client of ours.
> > > >
> > > > See we email attachments all the time to clients and sometimes the
> > > > employees will say they never got the attachment when we know we
sent
> > > > it and then we have to second guess what is going on. Then other
> > > > clients do this :"Sorry, the security policy of (blank) refuses such
> > > > file extensions :
> > > >
*.vbs;*.vbe;*.js;*.jse;*.css;*.wsh;*.sct;*.hta;*.shs;*.as;*.pif;*.scr;
> > > > *.
> > > > com;*.bat;*.exe
> > > >
> > > > Best regards,
> > > > IT security manager"
> > > >
> > > > Now I thought that is a nice feature. That way you know up front
that
> > > > your attachment is going to be denied and you have to come up with
> > > > another solution.  Since more and more companies are now starting to
> > > > block specific attachments it would be nice to be notified.
> > > >
> > > > Dale
> > > >
> > > > -----Original Message-----
> > > > From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
> > > > Sent: Friday, September 05, 2003 11:41 AM
> > > > To: [ISAserver.org Discussion List]
> > > > Subject: [isalist] RE: virus blocking
> > > >
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > >
> > > > > I don't know if this is for this group or not but we have exchange
> > > > > and
> > > >
> > > > > isa servers. We would like to start blocking some types of
> > > > > attachments
> > > >
> > > > > and send a return email back to the sender that it was blocked. Is
> > > > > this something you do in isa or exchange or both? Any one know
how?
> > > >
> > > > Do not even think about sending notifications to senders unless you
> > > > know what you are doing. Where do you think 1/3 of all the traffic
on
> > > > the internet is right now, stupid notifications to FORGED senders
from
> > >
> > > > misconfigured mail servers.
> > > >
> > > > If you want to take these kind of steps, you really need to be aware
> > > > of the consequences.
> > > >
> > > > John Tolmachoff MCSE CSSA
> > > > Engineer/Consultant
> > > > eServices For You
> > > > www.eservicesforyou.com
> > > >
> > > >
> > > >
> > > > ------------------------------------------------------
> > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > > ------------------------------------------------------
> > > > Other Internet Software Marketing Sites:
> > > > Leading Network Software Directory: http://www.serverfiles.com No.1
> > > > Exchange Server Resource Site: http://www.msexchange.org Windows
> > > > Security Resource Site: http://www.windowsecurity.com/ Network
> > > > Security
> > > > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> > > > http://www.ntfaxfaq.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org Discussion List
as:
> > > > musser@xxxxxxxxxxx To unsubscribe send a blank email to
> > > > $subst('Email.Unsub')
> > > >
> > > > ------------------------------------------------------
> > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > > ------------------------------------------------------
> > > > Other Internet Software Marketing Sites:
> > > > Leading Network Software Directory: http://www.serverfiles.com No.1
> > > > Exchange Server Resource Site: http://www.msexchange.org Windows
> > > > Security Resource Site: http://www.windowsecurity.com/ Network
> > > > Security Library: http://www.secinf.net/ Windows 2000/NT Fax
> > > > Solutions: http://www.ntfaxfaq.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org Discussion List
as:
> > >
> > > > johnlist@xxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
> > > > $subst('Email.Unsub')
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > Leading Network Software Directory: http://www.serverfiles.com No.1
> > > Exchange Server Resource Site: http://www.msexchange.org Windows
> > > Security Resource Site: http://www.windowsecurity.com/ Network
Security
> > > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> > > http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List as:
> > > musser@xxxxxxxxxxx To unsubscribe send a blank email to
> > > $subst('Email.Unsub')
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > Network Security Library: http://www.secinf.net/
> > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List as:
> > srector@xxxxxxxxxxxxxxxx
> > > To unsubscribe send a blank email to
> $subst('Email.Unsub')
> > >
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > johnlist@xxxxxxxxxxxxxxxxxxx
> > To unsubscribe send a blank email to
$subst('Email.Unsub')
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
srector@xxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>



Other related posts: