Re: Blocking E-Mail Attachment Types

[Louis Anthony Arminio <Lou.Arminio () NAU EDU>]

We first run a virus filter on all mail passing through our mail gateways, and don't deliver email with infected files. 
 Any email containing an executable attachment that is not detected as a virus is quarantined, and replaced with 
instructions on how to retrieve the email.  We have a self-serve application that allows people to have their 
quarantined email forwarded to them if they believe it is legitimate.  Attachments are scanned again prior to delivery. 
 It's pretty common to detect a virus after an attachment has been sitting in quarantine a few hours because our AV 
signatures have had a chance to catch up with the latest virus signatures.  Since we started this practice, we have not 
had any big problems with e-mail borne viruses.  There have not been many complaints from our users.

--
Lou Arminio
Senior Information Security Analyst
Northern Arizona University
Information Technology Services
1300 S Knoles Dr, NAU Box 5100
Flagstaff, Arizona 86011
Ph:(928) 523-6462
Fax:(928) 523-7407

-----Original Message-----
From: Steve Lewis [mailto:sgl3 () LEHIGH EDU] 
Sent: Wednesday, July 01, 2009 1:00 PM
Subject: Blocking E-Mail Attachment Types

Hi All,

Forgive me if you've already seen this on another list...

Does anyone here block specific e-mail file attachment types? I'm 
curious to see how common (or uncommon) this practice is.

Thanks,
Steve Lewis
Lehigh University LTS