No, we're not relaying mail through our ISP's gateway, though I did choose the web based vendor because it does multiple scans and decompresses and scans compressed files before (www.webmail.us) delivery to webmail boxes. On the locally hosted mail service (Slmail) I am using RBL, reverse DNS and I review quarantines' daily and update block lists. I'm also using a Pix 501 but that's a pretty vanilla configuration. My local users are well behaved as far as internet usage. I just thought it was strange that there was zero detection on the outside interface.
Shirley Graver Systems Administrator Rubber Associates Inc. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 15, 2006 6:53 AM To: [email protected] Subject: Re: [ActiveDir] OT: Virus' Where are they? On 3/15/06, Shirley Graver <[EMAIL PROTECTED]> wrote: > Zero detections over the past 30 days. Our volume is about 2400 messages a > > month. So where'd the virus' go? Are you relaying mail through an ISP's gateway before it hits your network? Do you have any other virus scanning software on your own gateway? Do you have anything on your external SMTP inbound gateway which runs message filtering (eg RBL, rules which drop connections if the MAIL FROM address doesn't have a valid MX)? If in doubt, try mailing yourself a copy of the EICAR anti virus test file. http://www.eicar.org/anti_virus_test_file.htm -- AdamT 'Thank-you for not requesting read receipts' List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
