just ripping out executables takes care of Swen.
this is a highly recommended configuration, anyway;
there's really no reason to let any executables
through, period. yes, some of your users may be
used to attaching executables to their messages,
but they're just going to have to learn how to
either use a compression program or to rename their
files so they can't be automatically executed. it's
funny, but i've never gotten a single complaint
about executables being just plain dropped from a
message (i save them on the server where anomy is
running, where they can do no harm). i think most
people understand that it's a security risk.
short answer: yes, and very well. you don't even
need an AV program (i'm not a fan of reactive
defense anyway).
henry
Adam Kosmin wrote:
> Hello list,
>
> Can anomy be used to protect against SWEN? If so, I'd appreciate any
> tips or discussion.
>
> Thanks,
>
> Adam Kosmin