> We have adopted the current policy at least for the short term: > > 1 ) We block all potentially hazardous extensions including .zip.
The first paragraph and rule 1) seem to somewhat contradict? So, if I upload the new ruleset Sniffer will start blocking ALL zip files? I know Beagle is a
THIS IS NOT THE CASE.
I'm very sorry for the confusion.
Message Sniffer WILL NOT block all messages with .zip attachment.
I probably should have split this message into two parts.
The first part is that we are adding rules for specific worm/virus patterns with our concentration being on those that carry .zip files. These rules will only block messages that contain a .zip file AND contain specific phrases or other features that are specific to the malware we are targeting. The rules will not effect other messages with .zip extensions.
The second part would be our current recommended policy for email systems - particularly those in corporate environments. The policy is probably too harsh for ISPs.
Point 1, 2 and 3 were an outline of our current policy for our email customers who are largely small corporate shops.
We do not enforce this policy with Message Sniffer so you are free to use any policy you wish.
I posted this policy because we have recently received a number of questions asking "how should we handle this new onslaught of viruses in zip files..." I thought the policy answer might be related and that others might be interested.
Sorry for any confusion.
_M
This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
