Well, since Exchange itself does not have AV capablilities, it will have to be done with 3rd party software. Try MailSecruity by GFI. John Tolmachoff MCSE CSSA Engineer/Consultant eServices For You www.eservicesforyou.com > -----Original Message----- > From: Musser, Dale [mailto:musser@xxxxxxxxxxx] > Sent: Friday, September 05, 2003 11:37 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: virus blocking > > http://www.ISAserver.org > > > That is exactly what I am looking for and trying to find out how to do. > > Dale > > > -----Original Message----- > From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] > Sent: Friday, September 05, 2003 2:36 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: virus blocking > > > http://www.ISAserver.org > > > Sending notifications on attachment blocking is a very good idea, one > which I and many others I know do. However, the catch is, you should > only send out notices IF you are using a e-mail AV product in front of > the banned attachment processing. > > This way, if an infected message comes in with a attachment called > patch.exe, the AV software picks it up and (had better be) only sends > appropriate notices. If the file is clean, then ban it and send the > notice. > > John Tolmachoff MCSE CSSA > Engineer/Consultant > eServices For You > www.eservicesforyou.com > > > > -----Original Message----- > > From: Musser, Dale [mailto:musser@xxxxxxxxxxx] > > Sent: Friday, September 05, 2003 9:47 AM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] RE: virus blocking > > > > http://www.ISAserver.org > > > > > > That is a good point, I actually got the idea from a client of ours. > > > > See we email attachments all the time to clients and sometimes the > > employees will say they never got the attachment when we know we sent > > it and then we have to second guess what is going on. Then other > > clients do this :"Sorry, the security policy of (blank) refuses such > > file extensions : > > *.vbs;*.vbe;*.js;*.jse;*.css;*.wsh;*.sct;*.hta;*.shs;*.as;*.pif;*.scr; > > *. > > com;*.bat;*.exe > > > > Best regards, > > IT security manager" > > > > Now I thought that is a nice feature. That way you know up front that > > your attachment is going to be denied and you have to come up with > > another solution. Since more and more companies are now starting to > > block specific attachments it would be nice to be notified. > > > > Dale > > > > -----Original Message----- > > From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] > > Sent: Friday, September 05, 2003 11:41 AM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] RE: virus blocking > > > > > > http://www.ISAserver.org > > > > > > > I don't know if this is for this group or not but we have exchange > > > and > > > > > isa servers. We would like to start blocking some types of > > > attachments > > > > > and send a return email back to the sender that it was blocked. Is > > > this something you do in isa or exchange or both? Any one know how? > > > > Do not even think about sending notifications to senders unless you > > know what you are doing. Where do you think 1/3 of all the traffic on > > the internet is right now, stupid notifications to FORGED senders from > > > misconfigured mail servers. > > > > If you want to take these kind of steps, you really need to be aware > > of the consequences. > > > > John Tolmachoff MCSE CSSA > > Engineer/Consultant > > eServices For You > > www.eservicesforyou.com > > > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > Leading Network Software Directory: http://www.serverfiles.com No.1 > > Exchange Server Resource Site: http://www.msexchange.org Windows > > Security Resource Site: http://www.windowsecurity.com/ Network > > Security > > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: > > http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > musser@xxxxxxxxxxx To unsubscribe send a blank email to > > $subst('Email.Unsub') > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > Leading Network Software Directory: http://www.serverfiles.com No.1 > > Exchange Server Resource Site: http://www.msexchange.org Windows > > Security Resource Site: http://www.windowsecurity.com/ Network > > Security Library: http://www.secinf.net/ Windows 2000/NT Fax > > Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > > johnlist@xxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to > > $subst('Email.Unsub') > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com No.1 > Exchange Server Resource Site: http://www.msexchange.org Windows > Security Resource Site: http://www.windowsecurity.com/ Network Security > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: > http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > musser@xxxxxxxxxxx To unsubscribe send a blank email to > $subst('Email.Unsub') > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > johnlist@xxxxxxxxxxxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub')