We use Webtrends to block all of these along with urls with mail or SMTP in
the address. Without that many of your smaller ISP's or corporate sites
would still be available.
Has been very effective although you will have to make some exceptions as
some "legit" urls have mail in the name.
-----Original Message-----
From: Byron Kennedy [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 26, 2001 4:40 PM
To: NT 2000 Discussions
Cc: '[EMAIL PROTECTED]'
Subject: RE: 3rd party emails
Hi Eric,
Recognizing a business need for these accounts we're looking at http/ftp
proxy solutions to filter malicious content out of the transaction. We're
seriously looking at GFI's content filter for ISA, WebSweeper and Symantec's
web-filtering product included with NAV CE.
I'd be really interested if other have thoughts on these solutions.
cheers.byron
-----Original Message-----
From: Hansen, Eric [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 26, 2001 10:18 AM
To: Exchange Discussions
Subject: 3rd party emails
Hello
We got hit pretty hard by nimda last week. Our IIS servers were patched,
and our Exchange servers were blocking EXE's. In that 20 something hour
window before Symantec released a DAT we thought we were secure. It turns
out we got infected by a employee who had a 3rd party web based email
client, be it hotmail or sisna or whatever.
In a effort to stop all 3rd party email we have made it policy only company
email is accepted in house. But it goes beyond that, it only takes one
employee screwing around to cause us a major problem. So my question is how
can we effectively stop these 3rd party email web clients.
At first we thought to block all of them by IP at the router and firewall,
but there are TONS of IP's to be blocked. So I had the thought as I was
making a change to a host file one day. Is there a way to make a change to
our DNS server and tell it that for example all requests for
'www.hotmail.com' go to some IP in house?
Or is there a better way to do this?
E
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
------
You are subscribed as [EMAIL PROTECTED]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to [EMAIL PROTECTED]
This e-mail and any files transmitted with it are confidential and are intended solely
for the use of the individual or entity to whom they are addressed. If you are NOT the
intended recipient or the person responsible for delivering the e-mail to the intended
recipient, be advised that you have received this e-mail in error and that any use,
dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited.
------
You are subscribed as [email protected]
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe send a blank email to [EMAIL PROTECTED]
