This is just plain nuts...

SARC (http://www.symantec.com/avcenter/index.html)


We are under heavy bombardment from Beagles and Netskys, but shields are at maximum and are holding... :redeyes:

Don't Open Attachments. How many years is it going to take to get people to understand?

I've set the mail server to bounce anything that has .pif,.bat,.vbs,.com and .scr attached... So far it seems to have reduced the incidents quite a lot... And keeping an eye on the new defs. also helps...

CeeBee, do you have any info on how to configure a mail server to bounce or drop pif,.bat,.vbs,.com and .scr attachments?

I've been looking for this on an Exchange 2000 server, but have found only advertisements for third party software.

We have a Lotus Domino server here, it supports rules for messages natively.
For Exchange I have found these:
http://support.microsoft.com/default.aspx?scid=kb;en-us;324568&Product=exch2k
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B320703
However, some antivirus products support content filtering by themselves.
http://service1.symantec.com/SUPPORT/ent-gate.nsf/pfdocs/2000071215411354
Hope it helps...

CeeBee, do you have any info on how to configure a mail server to bounce or drop pif,.bat,.vbs,.com and .scr attachments?

I've been looking for this on an Exchange 2000 server, but have found only advertisements for third party software.


I have my Watchguard firewall block those attachments. Lately, I've had to have the Domino server hold messages with zips, since I can't block those. Just bought Symantec AV for the Domino server so we don't have to stop zips. :thumbs:

Just bought Symantec AV for the Domino server so we don't have to stop zips. :thumbs:
Then have a lokk at this:
http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.k@mm.html

Then have a lokk at this:
http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.k@mm.html


Yep, stopped a bunch of those jokers already. Fscking virus writers. :flame: