General discussion

Locked

blocking .pif files

By rosiec ·
I'm running a win2k server w/symantec anti-virus corporate edition. My end users have been complaining about the large amount of virus emails they receive on a daily basis and are looking at me to stop these.
The messages they receive are ones saying that the attachment has been quarantined (this message comes from the symantec software). Most of these virus emails have .pif attachments.
I told my end users that they would just have to deal with these emails because it's nearly impossible to eliminate.
Well, they don't like that answer.
So, now i'm here. What are the ramifications of blocking .pif files through the virus software? Would the emails stop completely? Or do I need to filter it out through Exchange? Can this even be done?
My fear is that if I block these files it may quarantine a legit email that we need.
Help!
Rosie

This conversation is currently closed to new comments.

1 total post (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Check your Symantec Settings

by Deadly Ernest In reply to blocking .pif files

Go to the server with the Symantec software and open the Symantec software and check the Options Settings for the Email section under the heading 'how to respond if a virus is found'. The default settings is 'repair then silently quarantine if unsuccessful' change this to the option 'repair then silently delete if unsuccessful'. What happens is the message is deleted instead of quarantined and the recipient gets a message on the e-mail saying that the attachment had been deleted.

Atleast that is the way it works with my version of Norton's Anti-Virus from Symantec.

The only other option would be to write a script for the mail server to delete or drop all .pif attachments or all e-mails with .pif attachments.

Deleting all e-mails with a .pif attachment would see that they got less mail but they would not know who sent them an infected mail, and if it was somehting they were waiting for they would never know why it did not arrive or that they should chase it up.

Also it should be possible to write a mail rule for the mail application that they are using to delete the .pif attachment when it got to them if you found this easier.

Back to Security Forum
1 total post (Page 1 of 1)  

Related Discussions

Related Forums