-----Original Message----- From: Good, Don [mailto:[log in to unmask]] Sent: 17 January 2001 16:21 To: [log in to unmask] Subject: Re: Virus protection of lists However, Attachments=No does not answer the question by Kevin Parris <[log in to unmask]> who wrote: >We need to be able to send attachments on some of our lists, but are >concerned about the spread of viruses through the list server. LSoft >support won't make any particular comments about what does or does not >work, so I'm hoping those of you who've been doing this for a while can >help me out. What kind of anti-virus setup are you using to scan >messages and attachments arriving at your LISTSERV for distribution? >We're running LISTSERV and LSMTP together on a WindowsNT 4.0 platform. > > Thank you! I am planning to test the following setup: Existing: Primary mail receiver host with anti-virus software at "abc.company.com" LISTSERV and LSMTP server on NT at "listserv.company.com" DNS A (address) entries for both, DNS MX entry for "company.com" Plan: Rename LISTSERV server e.g. xyz.company.com, but do not put in DNS. Delete DNS A record for "listserv.company.com". Add DNS MX record for "listserv.company.com", but point to "abc.company.com" mail server. Add pointer to "abc.company.com" mail server to have mail sent to "listserv.company.com" forwarded to "xyz.company.com". The "abc.company.com" mail server will probably need a local HOSTS file to identify "xyz.company.com" instead of DNS. Desired result: Incoming mail to "listserv.company.com" will be checked for viruses by the "abc.company.com" mail server before forwarding to "xyz.company.com". If "xyz.company.com" does not receive any viruses, then it cannot send any. Outgoing email will be sent directly by LSMTP on "xyz.company.com". There are probably some LSMTP and/or LISTSERV site parameters that need to be changed. This is a future project, so if anyone wants to test it sooner, be my guest. And good luck. This is very similar to our current setup, only we use a Unix box and sendmail as the primary relay, which opens mail, decode attachments, scans them and rejects the whole message if a virus is found. If the mail is clean it is then forwarded onto the listserv NT machine. WE have not yet found a suitable mail virus scanner for NT, all the ones we have tried thus far cannot spot most attachment viruses, they do occasionally pick up a virus in an outgoing mail. It is always identified as being in file 0000.tmp, which appears to be a temp file created when delivering mail. I think this because even with full quarantine and denial of access to infected files the virus scanner still cannot catch this file. It is thus too late to do anything about the virus. Duncan