Re: swen virus

From: Brent Kennedy (
Date: Mon 06 Oct 2003 - 00:05:52 GMT

  • Next message: Systems Administrator: "Re: Re: swen virus"

    [ Eftirfarandi var sent af vef í frh. af bréfi ]

    > Systems Administrator wrote:
    > Most ISP's wouldn't be running *anything* on their
    > customer's mail to sanitize it. They may go as far as virus
    > checking, but they wouldn't defang MIME or HTML
    > tags.
    > That still doesn't address the argument whether EXE's
    > should be dropped or not. We AV scan *and* quarantine EXE's
    > (and BAT/VBS/etc.). Once they've been checked, if they're
    > super critical, they'll be delivered within a ZIP file on
    > an as-needed basis.
    > -Rick

    well, maybe you could reattach the exe(or whatever) as a secondary attachment with a warning on the first. Course, you have to keep in mind that if they are using outlook 2000sp2 or greater, they will not be able to see their attachment anyways. Course if they are on linux, thats a non issue too.

    I think the antivirus scanner on the server would be the best method. Course if you are not an ISP, then you should not accept executables and should make your users aware of that. I dont allow any of that stuff thru at all, they get the message and the original attachment is changed to a text file telling them the original one was removed.

    Keep in mind, if you ARE at an ISP, why should you care about users getting malware type emails? You can(with postfix) have filtering on your emails and no one elses. Although, if i am not mistaken, if you use procmail, you could set this up as completely optional per each user. Here is where you run into "what kind of users you have".

    my 2 cents :)

    hosted by