LISTSERV - LSTOWN-L Archives - COMMUNITY.EMAILOGY.COM

LSTOWN-L Archives

LISTSERV List Owners' Forum

LSTOWN-L

	LISTSERV Archives
	LSTOWN-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Re: Virus protection of lists

"Russell, D (Duncan)" <[log in to unmask]>

Thu, 18 Jan 2001 08:37:32 -0000

text/plain (60 lines)

-----Original Message-----
From: Good, Don [mailto:[log in to unmask]]
Sent: 17 January 2001 16:21
To: [log in to unmask]
Subject: Re: Virus protection of lists

However, Attachments=No does not answer the question by
Kevin Parris <[log in to unmask]> who wrote:

>We need to be able to send attachments on some of our lists, but are
>concerned about the spread of viruses through the list server.  LSoft
>support won't make any particular comments about what does or does not
>work, so I'm hoping those of you who've been doing this for a while can
>help me out.  What kind of anti-virus setup are you using to scan
>messages and attachments arriving at your LISTSERV for distribution?
>We're running LISTSERV and LSMTP together on a WindowsNT 4.0 platform.
>
>  Thank you!

I am planning to test the following setup:
Existing:
Primary mail receiver host with anti-virus software at "abc.company.com"
LISTSERV and LSMTP server on NT at "listserv.company.com"
DNS A (address) entries for both, DNS MX entry for "company.com"

Plan:
Rename LISTSERV server e.g. xyz.company.com, but do not put in DNS.
Delete DNS A record for "listserv.company.com".  Add DNS MX record for
"listserv.company.com", but point to "abc.company.com" mail server.  Add
pointer to "abc.company.com" mail server to have mail sent to
"listserv.company.com" forwarded to "xyz.company.com".  The
"abc.company.com" mail server will probably need a local HOSTS file to
identify "xyz.company.com" instead of DNS.

Desired result:
Incoming mail to "listserv.company.com" will be checked for viruses by the
"abc.company.com" mail server before forwarding to "xyz.company.com".  If
"xyz.company.com" does not receive any viruses, then it cannot send any.
Outgoing email will be sent directly by LSMTP on "xyz.company.com".

There are probably some LSMTP and/or LISTSERV site parameters that need to
be changed.  This is a future project, so if anyone wants to test it
sooner, be my guest.  And good luck.

This is very similar to our current setup, only we use a Unix box and
sendmail as the primary relay, which opens mail, decode attachments, scans
them and rejects the whole message if a virus is found. If the mail is clean
it is then forwarded onto the listserv NT machine.

WE have not yet found a suitable mail virus scanner for NT, all the ones we
have tried thus far cannot spot most attachment viruses, they do
occasionally pick up a virus in an outgoing mail. It is always identified as
being in file 0000.tmp, which appears to be a temp file created when
delivering mail. I think this because even with full quarantine and denial
of access to infected files the virus scanner still cannot catch this file.
It is thus too late to do anything about the virus.

Duncan

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM