We have gone to a CYA mode which is cost effective and functional for our systems.
Some of the processes (in addition to SA) we perform are: Scan all In/Out traffic for virus/worms Disallow the 50 or so executable files in email Disallow the discovered problematic zip files Do not accept email from machines without an appropriate MX/A record We found being the Internet police is too daunting because everybody has a kid that loves kazaa, et al and folks still think there are 2 Internets, the safe one and the dangerous one. Of course they all think the places they visit are on the safe Internet. I personally do not believe a law will be effective, as the law makers are no smarter than a box of rocks when it comes to the Internet. (my personal favorite is the "do not email list") just my nickle Greg
