We have a special virus notification that is set to ONLYSENDIFLOCALSENDER.  It goes to the helpdesk to let us know someone on campus possibly has a virus.  Unfortunately with Sobig spoofing some of our user names and sending messages to us from outside campus, the helpdesk is being flooding with false notices.  The only way to stop it, to my knowledge, is to disable the notice.

 

Is there a way (or could it be added to the program [hint, hint]) to check the IP (or IP class) instead of sender domain.  Example: ONLYSENDIFIP 172.22.12.240 or ONLYSENDIFIP 172.22.*.*

 

(Sorry if this was already suggested in the recent flurry of messages about banning notifications.  Plus, the archive is days behind.)

 

John

Reply via email to