Windows Exchange Server

Hugo van der Kooij hvdkooij at
Tue Jun 3 19:11:47 IST 2008

Hash: SHA1

Ronny T. Lampert wrote:
|> I have numerous clients doing it this way and it just works.  If you
|> are using sendmail as your MailScanner MTA I can provide complete help
|> on how to make this work with MailScanner and exchange (all versions).
| And I can help with postfix (+ Active Directory / LDAP)!
| As for the inter-Exchange traffic: this really should be "trusted"
| internal traffic, between internal servers, on an strictly internal
| network.
| If it is NOT then it should not be allowed to flow freely between
| servers directly.
| In any case you should run a mail scanning virus scanner on your
| Exchange servers so internal viruses can not propagate.

Not to mention that your scanner may not detect the specific sample at
the time it will pass the perimeter scanner.

Last year I spend a day in a AV lab and quite a bit of time with 4
months worth of raw samples. The average figures we came up with was 110
new samples per day of which about 40 were seen almost immediatly. So
the majority of samples are analyzed only hours, days or even weeks
after they may hit you.

At the moment webbased ones seem the ones to change the fastest. But you
may still pass malware because your scanner(s) did not detect it.


- --
hvdkooij at     

	A: Yes.
	>Q: Are you sure?
	>>A: Because it reverses the logical flow of conversation.
	>>>Q: Why is top posting frowned upon?

Bored? Click on and rate those images.

Version: GnuPG v1.4.7 (GNU/Linux)


More information about the MailScanner mailing list