Hello
We got hit pretty hard by nimda last week. Our IIS servers were patched,
and our Exchange servers were blocking EXE's. In that 20 something hour
window before Symantec released a DAT we thought we were secure. It turns
out we got infected by a employee who had a 3rd party web based email
client, be it hotmail or sisna or whatever.
In a effort to stop all 3rd party email we have made it policy only company
email is accepted in house. But it goes beyond that, it only takes one
employee screwing around to cause us a major problem. So my question is how
can we effectively stop these 3rd party email web clients.
At first we thought to block all of them by IP at the router and firewall,
but there are TONS of IP's to be blocked. So I had the thought as I was
making a change to a host file one day. Is there a way to make a change to
our DNS server and tell it that for example all requests for
'www.hotmail.com' go to some IP in house?
Or is there a better way to do this?
E
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
