Admin's don't let users receive EXE's via email. FAQ -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
> -----Original Message----- > From: Paul Hutchings [mailto:[EMAIL PROTECTED] > Sent: Friday, June 06, 2003 12:25 PM > To: Exchange Discussions > Subject: Re: ScanMail missing tricks? > > > Sometimes users get sent legitimate executables, they get > blocked because of the extention, so I have to copy it to a > share for them to retrieve it - I'm then reliant on the AV on > my desktop, what I'd prefer is for the virus checker to say > "is it infected" before it looks at whether it should > quarantine that sort of file. > > Maybe I'm looking at it the wrong way, but that's just how > I'd like it to work - in fairness with 3.81 they're most of > the way there with the integrated quarantine manager section. > > regards > paul > ----- Original Message ----- > From: "Ward, Stuart" <[EMAIL PROTECTED]> > To: "Exchange Discussions" <[EMAIL PROTECTED]> > Sent: Friday, June 06, 2003 5:06 PM > Subject: RE: ScanMail missing tricks? > > > > Why would it need to? > > > > -----Original Message----- > > From: Paul Hutchings [mailto:[EMAIL PROTECTED] > > Sent: Friday, June 06, 2003 11:58 AM > > To: Exchange Discussions > > Subject: RE: ScanMail missing tricks? > > > > > > No problems here with 3.81 - one thing I wish it did do was to scan > > attachments blocked by extention blocking - we've had loads of > > bugbears quarantined for being .exe's , but it doesn't seem to > > actually scan them > as > > well. > > > > regards, > > Paul > > -- > > Paul Hutchings > > Network Administrator, MIRA Ltd. > > Tel: 024 7635 5378, Fax: 024 7635 8378 > > mailto:[EMAIL PROTECTED] > > > > > -----Original Message----- > > > From: Roger Seielstad [mailto:[EMAIL PROTECTED] > > > Sent: 06 June 2003 15:46 > > > To: Exchange Discussions > > > Subject: RE: ScanMail missing tricks? > > > > > > > > > You might want to consider upgrading to Scanmail 3.81. I > believe it > > > functions a LOT better. > > > > > > -------------------------------------------------------------- > > > Roger D. Seielstad - MTS MCSE MS-MVP > > > Sr. Systems Administrator > > > Inovis Inc. > > > > > > > > > > -----Original Message----- > > > > From: Tim Gowen [mailto:[EMAIL PROTECTED] > > > > Sent: Friday, June 06, 2003 10:25 AM > > > > To: Exchange Discussions > > > > Subject: ScanMail missing tricks? > > > > > > > > > > > > > > > > A user got an infected attachment right to her Inbox, which > > > > doesn't ever happen here since we started using > ScanMail. I have > > > > ScanMail 3.52 (Exch 5.5 > > > > SP4) blocking all the attachments on the List of > Danger, and yet > > > > this BUGBEAR.B file - QABACKUP.EXE.SCR - got through to > the Inbox. > > > > A Manual scan showed up six other virus-infected > attachments which > > > > had apparently got through. But the manual scan does > not pick up > > > > the file I just mentioned, which is now in my Deleted Items. A > > > > copy is on my hard drive and Sophos AntiVirus also > doesn't detect > > > > it. > > > > > > > > Is it possible that ScanMail misses out on some messages if > > > > several arrive at once, or is there another more likely > solution? > > > > I have sent the file to Trend and Sophos to see what > they say, but > > > > the attachment blocking was, I thought, non-negotiable > and always > > > > works. Luckily I badger my users about the danger of > attachments > > > > on a fairly regular basis. > > > > > > > > > > > > Tim > > > > > > > > -- > > > > Tim Gowen > > > > RAF Museum > > > > IT Dept. > > > > > > > > > > > > Confidentiality: This e-mail and its attachments are > intended for > > > > the above named only and may be confidential. If they > have come to > > > > you in error you must take no action based on them, nor > must you > > > > copy or show them to anyone; please reply to this e-mail and > > > > highlight the error. > > > > > > > > Security Warning: Please note that this e-mail has been > created in > > > > the knowledge that Internet e-mail is not a 100% secure > > > > communications medium. We advise that you understand > and observe > > > > this lack of security when e-mailing us. > > > > > > > > Viruses: Although we have taken steps to ensure that > this e-mail > > > > and attachments are free from any virus, we advise that > in keeping > > > > with good computing practice the recipient should take steps to > > > > confirm that they are actually virus free. > > > > > > > > > > > > > > > > > _________________________________________________________________ > > > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > > > Web Interface: > > > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > > ext_mode=&lang=english > > > To unsubscribe: mailto:[EMAIL PROTECTED] > > > Exchange List admin: [EMAIL PROTECTED] > > > > > > _________________________________________________________________ > > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > > Web Interface: > > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang=english > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t ext_mode=&lang > =english > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > > Confidentiality Notice: The information contained in this e-mail and > any attachments may be legally privileged and confidential. If you > are not an intended recipient, you are hereby notified that any > dissemination, distribution or copying of this e-mail is strictly > prohibited. If you have > received this e-mail in error, please notify the sender and > permanently delete the e-mail and any attachments immediately. You > should not retain, copy or use this e-mail or any attachment for any > purpose, nor disclose all > or any part of the contents to any other person. > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
