[Snort-users] SMTP Virus Gateway

Joshua James joshua.james at ...6094...
Fri Jun 14 09:05:02 EDT 2002


On Fri, 2002-06-14 at 11:39, Madziarczyk, Jonathan wrote:
> Hey all,
>  
>   So I've got my snort rules set up to alert on possible Klez Viruses (as
> well as other e-mail transferred viruses, like Code Red, etc).  That seems
> to be working pretty well.  As expected, I do seem to be missing some resets
> via flexresp and I'd prefer not to use it anyway just to avoid blocking
> false positives.  Is there a product out there that works well at blocking
> inbound/outbound viruses on e-mail?  I'm trying to find something that works
> on both straight SMTP (unix and listservs) and ESMTP (Exchange).  So what do
> the experts (you) recommend?

NOT Norton AntiVirus gateway. I can't speak for anything except the
version I use but if the company handles any other version the same way
I'd stay away. Both SirCam and Klez come right through. I already had to
upgrade once for SirCam, I'm not doing it again. I need to find a new
product as well.





More information about the Snort-users mailing list