Yes, zero day has become the big concern. Please see my previous replies. John T eServices For You "Seek, and ye shall find!" -----Original Message----- From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Arnold, Jamie Sent: Tuesday, July 25, 2006 6:39 PM To: exchangelist@xxxxxxxxxxxxx Subject: [ExchangeList] Re: file filtering best practice? Zero day is what I'm concerned about. _____ From: exchangelist-bounce@xxxxxxxxxxxxx [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Teo De Las Heras Sent: Tuesday, July 25, 2006 9:23 PM To: exchangelist@xxxxxxxxxxxxx Subject: [ExchangeList] Re: file filtering best practice? Is there a settings where it would block zip attachments based on an outbreak? Normally your AV software should block any zip's with known viruses. The risk is that a new virus comes out, propogates via zip, and noe of the AV vendors can identify. In this case, an outbreak 'flag' would block/quarantine all zips temporarily. Teo On 7/25/06, Arnold, Jamie <harnold@xxxxxxxxxxxxxx> wrote: In dealing with zip files specifically, I' m wondering what is considered the "best practice "? We simply remove the file at our edge proxy, but have been getting a little flack from a few users. Our data shows that nearly 94% of the .zip files that come in via email are infected so I' m not likely to be convinced to allow them through. What say you?