Targeting Malware
Pete Russell
jpete at iinet.net.au
Thu Nov 12 07:52:57 GMT 2009
Hi there, I have a MailScanner machine for outbound mail only - we have
a managed/hosted system for inbound.
We have clients and staff on site who can send email. We have plenty of
horsepower on the MailScanner machine and allow all users on the inside of our
network to send mail. This works fine until you get someone with a
new malware.
These malware beat anti virus tools for the first 24 hours (at least)
and during this time they send HEAPS of the same email.
Before I start trying to get too tricky, what is the best standard set of
tools to combat the type of spam generated by these malwares? I really
don't want to be too aggressive, just target these very repetitive emails.
We often get 40k of these same emails being sent each day, in the past MS
and SA just stopped them, now they seem to beat it a little more and we
have to create custom rules (not very gracefully).
So far I have razor, latest MailScanner, SA, bayes, malwarepatrol rules.
Should I go with DCC or pyzor to target these emails, any other suggestions?
Ta
Pete