From: "Geo." 

"Jan van Hoek (NL)"  wrote in
message news:VA.000001cb.005481d7{at}xs4alldot.nl...

> We followed a similar strategy for many years, but there is an end
> to all good things(:-((

I don't know about that, sounds like you are using almost the same setup as us.


> restricted, plus that they run Outlook for their e-mail etc, these
> can be potentially compromised.

I solved that problem before it started, since the day we began with email
all attachments, and I do mean all, have been blocked. And to get around
the issues with java or scripting in an email we use Eudora 1.54 (text
only, it doesn't even do html). File transfers are done via windows server
share internally and via ftp with the rest of the world, and the ftp
directory requires a weekly password and is protected by AV software.


> A spurious Myphotoz.zip attachment passed half way through our
> defenses just 2 weeks ago, proving again that a multi layered
> approach (like we have) is necessary. This variant of Dumaru.y
> (mind the "z" in the filename) was not known in that form by all
> anti-virus products.

That's why we block all attachments, we also set a small size limit on
emails, just in case someone decides to try and get a file thru using
uuencode type techniques.

> All in all, the inside/outside approach has worked for many years.
> I'm not sure, however, that it will work next month, or even next
> week.

Well, lots of fully patch people got hit with mydoom so I'm not sure
patching is going to make much of a difference, although it can't hurt as
long as the patches don't break anything. (have you tried the latest IE
patch yet?)

Geo.

--- BBBS/NT v4.01 Flag-5