Email antivirus

From Cncz
Revision as of 17:56, 23 May 2007 by Petervc (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Filtering of viruses in E-mail

When and how does the filter work?

The C&CZ mailservers, running sendmail, invoke MIMEDefang for each mail they receive, to scan for a virus and filter for spam.

This means that the virus- and spamfilter works for all mail these servers process, whether incoming, outgoing or forwarded.

If a mail contains an attachment with dangerous content, this mail is put into quarantine. The mail without the dangerous attachment, but with an attachment that explains what has happened, is forwarded to the addressee.

An attachment is considered dangerous if it is an executable program, e.g. .exe, .bat, .dll. Since MS-Windows considers zip-files to be directories, and therefore viruses in zip-files appeared, we also consider an executable in a zip-file to be dangerous. In order not to make the list too long (a zip-file in a zip-file in ..., the Dutch chocolate Droste-effect), we also consider a zip-file in a zip-file to be dangerous.

Other antivirus measures

Since viruses can spread in more ways than mail (network shares, USB-sticks, www, ...) it is good practice for (MS-Windows) users to use a PC virusscanner with a recent virusdatabase. The RU has a campus license for the use of McAfee. See our Windows software-page for more information about the different versions.