Don't do it! Sm:)e.
--Matt Ross Ephrata School District ----- Original Message ----- From: Sam Cayze [mailto:[email protected]] To: NT System Admin Issues [mailto:[email protected]] Sent: Wed, 10 Apr 2013 11:46:57 -0800 Subject: RE: .ZIP file e-mail attachments > My Symantec Enterprise license keys come in a 1KB ZIP file. > > > > So. No. Too risky. > > > > From: Crawford, Scott [mailto:[email protected]] > Sent: Wednesday, April 10, 2013 7:31 AM > To: NT System Admin Issues > Subject: RE: .ZIP file e-mail attachments > > > > Clever > > Sent from my Windows Phone > > _____ > > From: Mark Boersma > Sent: 4/9/2013 10:20 AM > To: NT System Admin Issues > Subject: RE: .ZIP file e-mail attachments > > My policy is to block zip files by size. If you block all zips smaller than > 500k you'll stop all the viruses. Allow zips larger than 500k and those > will be the legit files. Sounds sort of silly but it absolutely works. > Obviously I have scanners and such running too but that is my attachment > policy. > > > > Mark > > ------------------------------------------------- > > Two rules for success in life: > > 1. Never tell people everything you know. > > > > > > From: Mayo, Bill [mailto:[email protected]] > Sent: Tuesday, April 9, 2013 10:55 AM > To: NT System Admin Issues > Subject: RE: .ZIP file e-mail attachments > > > > We mostly rely on our appliance (IronPort) to catch them, but we do have a > special rule that quarantines any password-protected ZIP files (because the > appliance can't inspect those). > > > > From: David Lum [mailto:[email protected]] > Sent: Tuesday, April 09, 2013 10:51 AM > To: NT System Admin Issues > Subject: .ZIP file e-mail attachments > > > > Do any of you guys still allow this? I ask because at %formerjob% they were > blocked, but %dayjob% allows them, and last week and today we've received > infected .ZIP files. Last week was another autorun outbreak, today we caught > it before anyone actually ran it. We keep getting latest and greatest > variants "First seen by VirusTotal 2013-04-09 09:51:15 UTC (4 hours, 58 > minutes ago)". Grr. > > David Lum > Sr. Systems Engineer // NWEATM > Office 503.548.5229 // Cell (voice/text) 503.267.9764 > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
