Matt Murphy said: > Way to be responsive to the needs of your users. Are you an > enabler in your company, or someone that people have to get through to > get their work done? Think about that the next time you don't get > promoted. You can be plenty safe without disallowing executable files, > and TRAINING (yes that means actually talking to users) is a big part of > that. > > The day the latest big worm hit I was out for drinks with some > of my sysadmin friends, and they were all griping about how they spent > all day cleaning up viruses. That was the first I'd heard of it, and we > never got hit. Why is that? I have good security, good A/V, good > policies, and users that know what to look for, and know that if they're > the one that lets a virus through, it's their ass. > > Matt I've found that the majority of users have no need of executable files, .bat, .exe, .scr etc. They aren't the ones mailing them, they are all the results of the various virii floating around. Zip files are a different matter, there are a lot of reasons that a user would get a zip. That being said, I had a couple of users get zapped by the first round of virii that came out using zip files, prior to the various AV vendors posting signatures, and I did drop zip files for a few at the mail server for a few days. Maybe its reactionary, maybe its not foolproof, but I don't care, it has served to stop more than a one virus in the period of time between when the virus hits and when signatures come out. For that matter, the whole idea behind anti-virus technologies today is reactionary and not fool proof. I have had virtually zero complaints about executable attachments being blocked, though it was sticky for those few days I blocked zip files. Josh _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list