> -----Original Message----- > > > According to sarc- 'Name of attachment > > > <http://securityresponse.symantec.com/avcenter/refa.html#name> > : varies > > with .com, .exe, .pif, or .scr file extension' > > Are you rejecting executable attachments? I've been using this in > > header_checks.regexp- > > It zips itself up too. That is the only thing we see getting > through is the zips. > > The person who turned the machine on swears they did not open > any attachments, but I have my doubts about that. > > --Eric
Do you have header/body checks that reject executable attachments? Right now I don't have any AV scanning on either of my IMGate or Imail boxes. So far, the executable test has been trapping everything like this snippet.. In: DATA Out: 354 End data with <CR><LF>.<CR><LF> Out: 550 Error: Attachment name "dqtuxg.exe" not accepted with ".exe" extension In: QUIT Out: 221 Bye I get a couple dozen of these daily, and I don't have to worry about missing the latest virus-du-jour. I do allow zips, but so far nobody has received any unexpected zip attachments. Gerry.
