[Snort-users] SMTP Virus Gateway
joshua.james at ...6094...
Fri Jun 14 09:05:02 EDT 2002
On Fri, 2002-06-14 at 11:39, Madziarczyk, Jonathan wrote:
> Hey all,
> So I've got my snort rules set up to alert on possible Klez Viruses (as
> well as other e-mail transferred viruses, like Code Red, etc). That seems
> to be working pretty well. As expected, I do seem to be missing some resets
> via flexresp and I'd prefer not to use it anyway just to avoid blocking
> false positives. Is there a product out there that works well at blocking
> inbound/outbound viruses on e-mail? I'm trying to find something that works
> on both straight SMTP (unix and listservs) and ESMTP (Exchange). So what do
> the experts (you) recommend?
NOT Norton AntiVirus gateway. I can't speak for anything except the
version I use but if the company handles any other version the same way
I'd stay away. Both SirCam and Klez come right through. I already had to
upgrade once for SirCam, I'm not doing it again. I need to find a new
product as well.
More information about the Snort-users