Targeting Malware

Pete Russell jpete at
Thu Nov 12 07:52:57 GMT 2009

Hi there, I have a MailScanner machine for outbound mail only - we have 
a managed/hosted system for inbound.

We have clients and staff on site who can send email. We have plenty of 
horsepower on the MailScanner machine and allow all users on the inside of our 
network to send mail. This works fine until you get someone with a 
new malware.

These malware beat anti virus tools for the first 24 hours (at least) 
and during this time they send HEAPS of the same email.

Before I start trying to get too tricky, what is the best standard set of 
tools to combat the type of spam generated by these malwares? I really 
don't want to be too aggressive, just target these very repetitive emails. 
We often get 40k of these same emails being sent each day. In the past MS 
and SA just stopped them; now they seem to beat it a little more and we 
have to create custom rules (not very gracefully).

So far I have razor, latest MailScanner, SA, bayes, malwarepatrol rules.

Should I go with DCC or pyzor to target these emails? Any other suggestions?


