On 24 Feb 2015, at 17:06, Yves Goergen wrote:
I can't block all archives with executable files in them.
Then in all seriousness: why bother filtering email specifically for malware?
Email is an inherently untrustworthy transport medium. Any sort of executable received via email that is not cryptographically signed by a trusted sender should be considered unsafe to run. If an executable is signed by a trusted sender, it can just as easily be encrypted to protect it from detection as an executable. If your users believe that you are providing them a valuableservice by allowing transport of executables via email, they are mistaken. You are putting them at unnecessary risk.
