Just FYI for Symantec users, this ONLY works in 2.1. The 3.x and 4.x versions changes the way they handled .ZIPs and adding the + will do nothing. Symantec support would like to see the old way back, but who knows if developers will implement it. =20 -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Henry Sieff Sent: Thursday, March 04, 2004 12:23 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: OT: Security response to BAGLE virus (password protected .zips) There is a clever way in NAV for Exchange 2.1 to use the attachment/message blocking features to block these. Take the executable extensions you are already blocking, and put a "+" at the end of them ie *.com =3D *.com+ and add these to your blocked attachments list. > -----Original Message----- > From: Claus, Brian [mailto:BClaus@xxxxxxxxxxxxx] > Sent: Thursday, March 04, 2004 7:28 AM > To: thin@xxxxxxxxxxxxx > Subject: [THIN] OT: Security response to BAGLE virus (password=20 > protected > .zips) >=20 >=20 > Just wondering what others are doing to combat the latest BAGLE worm. > =3D It's password protected so standard AV won't scan into it. How is = =3D > everyone else handling delivery of .zip files now? >=20 > We're using the Trend Micro AV suite. >=20 > Do you think the latest password protected BAGLE worm has caused the = =3D > demise of password protected .zip files? >=20 > My immediate opinion in the matter is that password protected .zip=20 > files =3D will now be treated with the same delivery restrictions that = > the .exe, =3D .scr, .pif, .vbs have come under but I'm not aware of = any=20 > AV software or =3D other means to differentiate scanning options = between > p\w protected .zip =3D files and non p\w protected .zip files. >=20 >=20 > Thanks, > =3D20 >=20 > _____ =3D20 >=20 > =3D20 > Brian Claus, A+, Network+, MCP > Network Administrator > WESCO Distribution, Inc. > 225 West Station Square Drive, Suite 700 Pittsburgh, PA 15219-1122 > Phone: 412-454-2412 > Fax: 412-454-2540 > bclaus@xxxxxxxxxxxxx <mailto:bclaus@xxxxxxxxxxxxx>=3D20 > _____ =3D20 >=20 > ******************************************************** > This weeks sponsor triCerat Inc. > triCerat makes your job easier by offering essential applications to=20 > eliminate your printing, policy and profile, and your application=20 > management problems. > http://www.triCerat.com > ********************************************************** > Useful Thin Client Computing Links are available at: > http://thin.net/links.cfm > *********************************************************** > For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode > use the below link: > http://thin.net/citrixlist.cfm >=20 ******************************************************** This weeks sponsor triCerat Inc. triCerat makes your job easier by offering essential applications to eliminate your printing, policy and profile, and your application management problems. http://www.triCerat.com ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm ******************************************************** This weeks sponsor triCerat Inc. triCerat makes your job easier by offering essential applications to eliminate your printing, policy and profile, and your application management problems. http://www.triCerat.com ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm