Just a quick one - how many people are using the "Generic Windows
Executable Content filter" on their systems? We have been running a
version of it for a while now to get an idea on the level of attachments
being but although I think we ought to put this in place and bounce
non zipped executables I am having "difficulties" persuading managers...
In particular, I am interested in academic sites who are blocking this (or
if you have decided not to use it). We are being hit by the latest flavour
of Nimda at the moment - Fsecure claimed to have seen only 5 copies but
we have many times that around campus at the mo! Virus checking would not
have prevented this as we seemed to get it before the virus companies
had updated their software. If it got in via email attachments (I suspect
that it did) then the filter would have blocked it and saved hours (days?)
of our time.
If people want to email me offlist then thats fine - I'll post a summary
to the list in a few days if anyone is interested.
