Instead of blocking them, why not just implement a Http virus wall. Something like Trend's Internet VirusWall? It Scans all FTP HTTP & SMTP traffic entering your network.
Matthew Exchange Disaster Recovery, Live it, Learn It, Love It, Get yours today! http://www.microsoft.com/TechNet/exchange/technote/edrv3p1.asp "Besides the technical limitations on the PST (remember the P stands for Personal, that means you're responsible not the mail admin)..." Jim Schwartz 8-16-01 >>> >>>-----Original Message----- >>>From: Hansen, Eric [mailto:[EMAIL PROTECTED]] >>>Sent: Wednesday, September 26, 2001 10:18 AM >>>To: Exchange Discussions >>>Subject: 3rd party emails >>> >>> >>> >>>Hello >>> >>>We got hit pretty hard by nimda last week. Our IIS servers >>>were patched, >>>and our Exchange servers were blocking EXE's. In that 20 >>>something hour >>>window before Symantec released a DAT we thought we were >>>secure. It turns >>>out we got infected by a employee who had a 3rd party web based email >>>client, be it hotmail or sisna or whatever. >>> >>>In a effort to stop all 3rd party email we have made it >>>policy only company >>>email is accepted in house. But it goes beyond that, it >>>only takes one >>>employee screwing around to cause us a major problem. So my >>>question is how >>>can we effectively stop these 3rd party email web clients. >>> >>>At first we thought to block all of them by IP at the router >>>and firewall, >>>but there are TONS of IP's to be blocked. So I had the >>>thought as I was >>>making a change to a host file one day. Is there a way to >>>make a change to >>>our DNS server and tell it that for example all requests for >>>'www.hotmail.com' go to some IP in house? >>> >>>Or is there a better way to do this? >>> >>>E >>> >>> >>>_________________________________________________________________ >>>List posting FAQ: http://www.swinc.com/resource/exch_faq.htm >>>Archives: http://www.swynk.com/sitesearch/search.asp >>>To unsubscribe: mailto:[EMAIL PROTECTED] >>>Exchange List admin: [EMAIL PROTECTED] >>> >>>_________________________________________________________________ >>>List posting FAQ: http://www.swinc.com/resource/exch_faq.htm >>>Archives: http://www.swynk.com/sitesearch/search.asp >>>To unsubscribe: mailto:[EMAIL PROTECTED] >>>Exchange List admin: [EMAIL PROTECTED] >>> _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
