North American Network Operators Group


Re: dealing with w32/bagle

  • From: Brian Wilson
  • Date: Wed Mar 03 15:46:41 2004

Quoting Dan Hollis <[email protected]>:

> 
> I am curious how network operators are dealing with the latest w32/bagle 
> variants which seem particularly evil.
> 
> Also, does anyone have tools for regexp and purging these mails from unix 
> mailbox (not maildir) mailspool files? Eg purging these mails after the 
> fact if they were delivered to user's mailboxes before your virus scanner 
> got a database update.
> 

I am also interested in what network/mail folks are doing about this situation.
 Blocking all zip files at the mail level is next to impossible (since of course
when we started blocking executable files, we told people to zip up executables)
and since business can't be taken care of without someone requiring zip files to
pass.  I will be the first to admit that using mail as a file transfer protocol
isn't the way to go, but getting people to realize that (and forcing them to
change) is next to impossible.  

Brian
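
One way to do the after-the-fact mbox purge asked about in the quoted message, as an added example that is not part of the original thread. It uses Python's standard `mailbox` module. The subject and filename patterns and the sample messages are constructed placeholders, not real w32/bagle signatures, and the locking only helps if the delivery agent honours the same locks.

```python
import mailbox
import re
from email.message import EmailMessage

def is_suspect(msg, subject_re, name_re):
    """Match only when BOTH the Subject and an attachment filename match."""
    if not subject_re.search(str(msg.get("Subject", ""))):
        return False
    return any(name_re.search(part.get_filename() or "") for part in msg.walk())

def purge_mbox(path, subject_re, name_re, dry_run=False):
    """Remove matching messages from an mbox file; return how many matched."""
    box = mailbox.mbox(path, create=False)
    box.lock()  # fcntl + dot-lock; cooperating delivery agents wait for it
    try:
        hits = [key for key, msg in box.iteritems()
                if is_suspect(msg, subject_re, name_re)]
        if not dry_run:
            for key in hits:
                box.remove(key)
            box.flush()  # rewrites the spool without the removed messages
        return len(hits)
    finally:
        box.close()  # also releases the lock

def build_sample(path):
    """Write three constructed messages to a new mbox for demonstration."""
    box = mailbox.mbox(path)
    for subject, filename in [("Re: document", "info.zip"),     # constructed match
                              ("Q1 invoices", "invoices.zip"),  # legitimate zip
                              ("lunch?", None)]:                # no attachment
        msg = EmailMessage()
        msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", subject
        msg.set_content("constructed sample body\n")
        if filename:
            msg.add_attachment(b"PK\x03\x04 not a real archive", maintype="application",
                               subtype="zip", filename=filename)
        box.add(msg)
    box.close()

def count_messages(path):
    """Number of messages currently in the mbox file."""
    box = mailbox.mbox(path, create=False)
    try:
        return len(box)
    finally:
        box.close()
```

Run it with `dry_run=True` first and review the count before letting it rewrite a live spool. Requiring both the subject and the attachment name to match keeps legitimate zip mail in place.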