[ExchangeList] Re: file filtering best practice?
- From: "John T \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
- To: <exchangelist@xxxxxxxxxxxxx>
- Date: Tue, 25 Jul 2006 19:05:33 -0700
Yes, zero day has become the big concern. Please see my previous replies.
John T
eServices For You
"Seek, and ye shall find!"
-----Original Message-----
From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Arnold, Jamie
Sent: Tuesday, July 25, 2006 6:39 PM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: file filtering best practice?
Zero day is what I'm concerned about.
_____
From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Teo De Las Heras
Sent: Tuesday, July 25, 2006 9:23 PM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: file filtering best practice?
Is there a settings where it would block zip attachments based on an
outbreak? Normally your AV software should block any zip's with known
viruses. The risk is that a new virus comes out, propogates via zip, and
noe of the AV vendors can identify. In this case, an outbreak 'flag' would
block/quarantine all zips temporarily.
Teo
On 7/25/06, Arnold, Jamie <harnold@xxxxxxxxxxxxxx> wrote:
In dealing with zip files specifically, I' m wondering what is considered
the "best practice "? We simply remove the file at our edge proxy, but have
been getting a little flack from a few users. Our data shows that nearly
94% of the .zip files that come in via email are infected so I' m not likely
to be convinced to allow them through.
What say you?
Other related posts:
