Here's an excerpt from a Tumbleweed article discussing what to filter using email filters. Summary: This article provides a list of file types that may potential ly be harmful to some organizat ions. Detailed Info: The following is a partial list of file types that an organizat ion might consider to be dangerous within their organizat ions. Many known viruses make use of some of these file extension s. This list should not be considere d to be exhaustiv e, nor should it be assumed that every file extension listed below would be undesirab le in every organizat ion. As an administr ator you should review this list, and add any undesirab le file types that might be missing. You may also choose to remove items from this list that may have some business need in your organizat ion, or you don't consider dangerous . *.AS *.ASP *.BAT *.CHM *.CMD *.COM *.DLL *.DOT *.EML *.EXE *.FNT *.HTA *.INF *.JS *.JSE *.LNK *.MRC *.PIF *.PL *.REG *.SCR *.SHB *.SHS *.SWF *.VB *.VBE *.VBS *.WS *.WSC *.WSF *.WSH *.XML Resolution: Many companies deploy policies to block potential ly dangerous files. This can be a good proactive measure for defending against brand new viruses that may not be detected by the latest Virus Pattern files. You may choose to deploy a policy similar to the following : Catch messages where... Contains attachmen ts in the attachmen t list "Potentia lly dangerous files" Take the following actions.. . Quarantin e the message with the tag "attachme nt" and Send the notificat ion "Sender Note - message with attachmen t not delivered " The policy might read something like: For all messages sent from this user with attachmen ts from the ""Potenti ally dangerous files" list quarantin e the message with the tag "attachme nt" An effective "Potentia lly dangerous files" list might be composed of: "All Executabl e Files" "HTML with Active Content" *.AS *.ASP . . . *.WSH *.XML
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:43:31 PDT