I've just gotten myself an IronPort (thanks to all who recommended it, and other, solutions) and am currently trying to configure various filters and policies for it. I was thinking along the lines of being able to quarantine things that looked like chain emails, hoax police warnings, and the like. Basically anything that doesn't serve a business purpose and asks for the mail to be resent. Does anybody have any ideas what kind of string I could be searching for in the body to pick these out? I was thinking of something along the lines of "forward this onto all people" or something like that....
Or is there another way to attack this using the features of the IronPort? I would be grateful for any insight, as we scrimped on the training costs and basically got a half-hour tutorial. TIA, jRR -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." http://raythestray.blogspot.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
