+1 From: [email protected] [mailto:[email protected]] On Behalf Of David Lum Sent: Friday, April 25, 2014 12:36 PM To: [email protected] Subject: RE: [Exchange] RE: Antivirus placement - Exchange 2010
For this large file send…use something like this: http://www.liquidfiles.net/ It’s essentially “FTP via email hyperlink”. It prevents the big crap from going through your email servers. I use this and it’s great! -Dave Lum From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Mike Tavares Sent: Tuesday, April 22, 2014 5:10 PM To: [email protected]<mailto:[email protected]> Subject: Re: [Exchange] RE: Antivirus placement - Exchange 2010 why can’t that be right? There are some bigwigs in companies that won’t let their email admins block any file attachments because Email is far easier to use than FTP. I just spent most of the Easter weekend helping out a friend cleaning up a virus outbreak in a Fortune 1000 company. After many hours it was traced back to an infected exe file received by a user in his email. This company also lets its users send and receive 500 meg attachments because it is convenient for the users to do their job. From: Richard Stovall<mailto:[email protected]> Sent: Tuesday, April 22, 2014 8:01 PM To: [email protected]<mailto:[email protected]> Subject: Re: [Exchange] RE: Antivirus placement - Exchange 2010 You can't block *ANY* attachments? That can't be right. On Tue, Apr 22, 2014 at 7:25 PM, Kurt Buff <[email protected]<mailto:[email protected]>> wrote: Your results are more the outcome of your settings to block certain attachments than to the Barracuda's prowess in AV detection. I am not allowed to block attachments, we have a 410, and I regularly see infectious emails come through. Whenever I get an unexpected email with an attachment, I submit the attachment to http://www.threattracksecurity.com/resources/sandbox-malware-analysis.aspx and to https://malwr.com/ and regularly see results that make me shudder... Those submissions are in parallel to my submission to virustotal, and invariably the attachment has already been scanned, and nobody has a signature for it. Mostly, I get these from China (or at least the emails use Chinese character sets.) Kurt On Tue, Apr 22, 2014 at 4:13 PM, Kennedy, Jim <[email protected]<mailto:[email protected]>> wrote: > > "Email AV gateway appliance (vm or physical) (Trend, Barracuda, etc.)" > > Specifically a Cuda. Only one email virus in a decade of using them. I block > exe's, password protected zips and the usual suspect file types with it, > that certainly helps. > > > ________________________________ > From: [email protected]<mailto:[email protected]> > [[email protected]<mailto:[email protected]>] on > behalf of Stringham, Steven > [[email protected]<mailto:[email protected]>] > Sent: Tuesday, April 22, 2014 5:53 PM > To: [email protected]<mailto:[email protected]> > Subject: [Exchange] Antivirus placement - Exchange 2010 > > Antivirus software and Exchange 2010 – where should I put it? I am looking > at this as a performance, security balancing act. So, my thoughts are where > do you folks put it. A little poll please… > > > > ____ AntiSpam outside service – before my internal systems see it. > > > > ____ Email AV gateway appliance (vm or physical) (Trend, Barracuda, etc.) > > > > ____ Edge Gateway role servers > > > > ____ Hub Transport servers > > > > ____ Mailbox servers > > > > > > Personally, I think this is a bit of an all of the above type thing, but, > where would you put AV for Email. > > > > And, do you use separate brands for different spots? > > > > Thanks > > Steven Stringham > > > > > > > ________________________________ > > This message and any attachments are intended only for the use of the > individual or entity to which they are addressed. If the reader of this > message or an attachment is not the intended recipient or the employee or > agent responsible for delivering the message or attachment to the intended > recipient you are hereby notified that any dissemination, distribution or > copying of this message or any attachment is strictly prohibited. If you > have received this communication in error, please notify us immediately by > replying to the sender. The information transmitted in this message and any > attachments may be privileged, is intended only for the personal and > confidential use of the intended recipients, and is covered by the > Electronic Communications Privacy Act, 18 U.S.C. §2510-2521. > > In accordance with Internal Revenue Service Circular 230, we advise you that > if this message or any attachments contains any tax advice, such tax advice > was not intended or written to be used, and it cannot be used, by any > taxpayer for the purpose of avoiding penalties that may be imposed on the > taxpayer. ________________________________ This message and any attachments are intended only for the use of the individual or entity to which they are addressed. If the reader of this message or an attachment is not the intended recipient or the employee or agent responsible for delivering the message or attachment to the intended recipient you are hereby notified that any dissemination, distribution or copying of this message or any attachment is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the sender. The information transmitted in this message and any attachments may be privileged, is intended only for the personal and confidential use of the intended recipients, and is covered by the Electronic Communications Privacy Act, 18 U.S.C. §2510-2521. In accordance with Internal Revenue Service Circular 230, we advise you that if this message or any attachments contains any tax advice, such tax advice was not intended or written to be used, and it cannot be used, by any taxpayer for the purpose of avoiding penalties that may be imposed on the taxpayer.
