1. It was previously stated that the BANEXT EZIP checked to see if only the first file was encrypted. I'm tentatively planning on keeping the encrypted zip's blocked. Does the BANEXP EZIP now check all files within the .ZIP? If not I wish it would.
No, but it will.
2. It would be interesting if the .ZIP and the encrypted .ZIP messages where slightly different in the virus log. It would allow slightly better tracking of the problem.
I.E. .ZIP file --> Banning .ZIP file with exe extension / Banning file with zip extension
encrypted ZIP file --> Banning encrypted .ZIP file with exe extension. / Banning file with encrypted zip extension
The next interim will do this.
3. I'd still love to see the IP address added to the virus log for banned file extensions.
I'm seeing blasts of 15 to 20 apparently Bagle.J's (log shows Banning .ZIP file with exe extension.)
The to and from both contain my domain name, if I had the IP address conviently, it might help me track down if it is one
of my remote users personal e-mail accounts.
We will likely be adding this as well.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you've been missing: Ask for a free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
