RE: virus blocking

Most of our customers have purchased Symantec's Enterprise edition of
Antivirus software, which includes the AV Filtering for Exchange.  It does a
great job of blocking files/emails, and I recommend it wholeheartedly.

----- Original Message ----- 
From: "Musser, Dale" <musser@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, September 05, 2003 2:36 PM
Subject: [isalist] RE: virus blocking


> http://www.ISAserver.org
>
>
> That is exactly what I am looking for and trying to find out how to do.
>
> Dale
>
>
> -----Original Message-----
> From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
> Sent: Friday, September 05, 2003 2:36 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: virus blocking
>
>
> http://www.ISAserver.org
>
>
> Sending notifications on attachment blocking is a very good idea, one
> which I and many others I know do. However, the catch is, you should
> only send out notices IF you are using a e-mail AV product in front of
> the banned attachment processing.
>
> This way, if an infected message comes in with a attachment called
> patch.exe, the AV software picks it up and (had better be) only sends
> appropriate notices. If the file is clean, then ban it and send the
> notice.
>
> John Tolmachoff MCSE CSSA
> Engineer/Consultant
> eServices For You
> www.eservicesforyou.com
>
>
> > -----Original Message-----
> > From: Musser, Dale [mailto:musser@xxxxxxxxxxx]
> > Sent: Friday, September 05, 2003 9:47 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: virus blocking
> >
> > http://www.ISAserver.org
> >
> >
> > That is a good point, I actually got the idea from a client of ours.
> >
> > See we email attachments all the time to clients and sometimes the
> > employees will say they never got the attachment when we know we sent
> > it and then we have to second guess what is going on. Then other
> > clients do this :"Sorry, the security policy of (blank) refuses such
> > file extensions :
> > *.vbs;*.vbe;*.js;*.jse;*.css;*.wsh;*.sct;*.hta;*.shs;*.as;*.pif;*.scr;
> > *.
> > com;*.bat;*.exe
> >
> > Best regards,
> > IT security manager"
> >
> > Now I thought that is a nice feature. That way you know up front that
> > your attachment is going to be denied and you have to come up with
> > another solution.  Since more and more companies are now starting to
> > block specific attachments it would be nice to be notified.
> >
> > Dale
> >
> > -----Original Message-----
> > From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
> > Sent: Friday, September 05, 2003 11:41 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: virus blocking
> >
> >
> > http://www.ISAserver.org
> >
> >
> > > I don't know if this is for this group or not but we have exchange
> > > and
> >
> > > isa servers. We would like to start blocking some types of
> > > attachments
> >
> > > and send a return email back to the sender that it was blocked. Is
> > > this something you do in isa or exchange or both? Any one know how?
> >
> > Do not even think about sending notifications to senders unless you
> > know what you are doing. Where do you think 1/3 of all the traffic on
> > the internet is right now, stupid notifications to FORGED senders from
>
> > misconfigured mail servers.
> >
> > If you want to take these kind of steps, you really need to be aware
> > of the consequences.
> >
> > John Tolmachoff MCSE CSSA
> > Engineer/Consultant
> > eServices For You
> > www.eservicesforyou.com
> >
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com No.1
> > Exchange Server Resource Site: http://www.msexchange.org Windows
> > Security Resource Site: http://www.windowsecurity.com/ Network
> > Security
> > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> > http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > musser@xxxxxxxxxxx To unsubscribe send a blank email to
> > $subst('Email.Unsub')
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com No.1
> > Exchange Server Resource Site: http://www.msexchange.org Windows
> > Security Resource Site: http://www.windowsecurity.com/ Network
> > Security Library: http://www.secinf.net/ Windows 2000/NT Fax
> > Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
>
> > johnlist@xxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
> > $subst('Email.Unsub')
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com No.1
> Exchange Server Resource Site: http://www.msexchange.org Windows
> Security Resource Site: http://www.windowsecurity.com/ Network Security
> Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> musser@xxxxxxxxxxx To unsubscribe send a blank email to
> $subst('Email.Unsub')
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
srector@xxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>



Other related posts: