[AusNOG] Fw: important

[Chad Kelly]

On 10/1/2015 1:05 PM, Rhys Hanrahan wrote:
> Hi Everyone,
>
> I've actually been thinking about posting about this lately... So I thought I'd put this out there while we're on the topic.
>
> We've been getting hit a lot with the crypto virus emails, and they seem to be difficult to block. It seems over the last few months there's been a steady increase in the amount of stuff getting through. Particularly seems that spammers are leveraging what appears to be legitimate mail-out services to get their spam through.
>
> Has anyone found an appliance or otherwise that we can run on, or alongside, our existing filtering that does well at blocking some of this stuff (particularly the crypto viruses - even server-side AV seems to miss it).
>
> I've heard of Ironport before, and I'll definitely be looking at that, but curious to know if there's anything else out there that can be recommended?
>
> Most of the things I've considered so far seem to be aimed more at a single enterprise / on-site IT (charging per user), instead of being aimed at larger-scale centralised ISP-style filtering.
>
>
>
>

You can set IronPort to just drop anything with a .zip extension, which 
solves these issues as the appliance will drop the emails before they 
even reach the server.
Ironport can also do inbound filtering as well as outbound.
Given what you guys want to use the system for it may well be worth the 
investment in buying your own appliances.
Regards Chad.


-- 
Chad Kelly
Manager
CPK Web Services
web www.cpkws.com.au
phone 03 9013 4853