Sobig32 removal question...

Name: tenover
Date: September 3, 2003 at 13:11:34 Pacific
OS: W2k server
CPU/Ram: 1.8/512
Comment:

I have one user in our company who is getting emails containing the SoBig32 virus daily, probably about 150 a day... Now, this doesn't necessarily mean that SHE has the virus, correct? It probably means that she is on someone else's mailing list who DOES have it, no? I've scanned her computer and her mailbox on the Exchange Server, and they both come up clean. Should I just not worry about it, or is there anything I can do to stop all those damn emails from coming to her? The emails are getting caught by Norton on the Exchange server, and I've set it to just delete the entire email, but it's just bugging me (and making me a little paranoid) to see them all coming in every day... Thanks.




Response Number 1
Name: TheShadowONe
Date: September 3, 2003 at 19:00:50 Pacific
Reply:

Correct, the virus can only affect the system if it has been downloaded onto the computer and unzipped. Unfortunately there is nothing you can do, and I know that your time is precious so you can inform the sender. You can however block the sender, but that would take some time as well.


0

Response Number 2
Name: Vanessa
Date: September 3, 2003 at 19:04:09 Pacific
Reply:

We have 4 users (out of approx 50) who were lucky too. They were getting about 150 as well. It bothered me the first few days but I set my scanning for every night and we are fine.

There's not a lot you can do to stop them unless you can figure out the true IP of the source. I found those were often spoofed just like the "from" field.

It sounds like you already set up a filter/rule to auto-delete the emails already but if not, I set up a filter to auto delete any email where the body contains "see the attached file for details" so we don't have to look at them. Unfortunately, they still hit the email server and I suspect it slows the performance a tiny bit. I guess that's the price for technology.

Oh, it would probably also help to have DNS verify all IPs, otherwise deny the email. Unfortunately that is a double-edged sword because a lot of companies do not have their DNS configured properly and some legitimate emails will be denied. My manager opted against that option even though I tried it for about 1/2 hour and it definitely helped. AOL, AT&T and other companies are all using that now so I would assume people will get their DNS in order soon so it will become a more usable tool.

Have fun!
Vanessa


0
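The two measures described in the reply above, a body-phrase rule and a DNS check on the connecting IP, written out as an added example (not part of the thread and not any mail product's own configuration). The forward-confirmed form of the DNS check, the lookup tables, the addresses and the attachment name are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

PHRASE = "see the attached file for details"  # body text quoted in the reply above

def body_text(msg):
    """Lower-cased, whitespace-normalised text of every text/* part."""
    chunks = [p.get_content() for p in msg.walk()
              if p.get_content_maintype() == "text"]
    return " ".join(" ".join(chunks).lower().split())

def fcrdns_ok(ip, ptr_lookup, a_lookup):
    """Forward-confirmed reverse DNS: the PTR name must resolve back to ip."""
    host = ptr_lookup(ip)
    return host is not None and ip in a_lookup(host)

def verdict(raw, client_ip, ptr_lookup, a_lookup, enforce_dns=False):
    """Return 'delete', 'reject' or 'deliver' for one inbound message."""
    msg = email.message_from_string(raw, policy=policy.default)
    if PHRASE in body_text(msg):
        return "delete"      # content rule: does not rely on the forged From
    if enforce_dns and not fcrdns_ok(client_ip, ptr_lookup, a_lookup):
        return "reject"      # also hits legitimate senders with broken DNS
    return "deliver"

# --- constructed sample data (documentation addresses, not real traffic) ---
PTR = {"192.0.2.10": "mail.example.com"}
A = {"mail.example.com": ["192.0.2.10"]}

def sample(body, attach=False):
    m = EmailMessage()
    m["From"] = "someone@example.com"   # worm mail forges this field
    m["Subject"] = "constructed sample"
    m.set_content(body)
    if attach:                          # placeholder bytes, hypothetical name
        m.add_attachment(b"\x00", maintype="application",
                         subtype="octet-stream", filename="attachment.bin")
    return m.as_string()

def demo():
    ptr, a = PTR.get, lambda h: A.get(h, [])
    worm = sample("See the attached file for details", attach=True)
    legit = sample("Quarterly numbers are in the shared folder.")
    return [verdict(worm, "192.0.2.10", ptr, a),
            verdict(legit, "198.51.100.7", ptr, a),
            verdict(legit, "198.51.100.7", ptr, a, enforce_dns=True),
            verdict(legit, "192.0.2.10", ptr, a, enforce_dns=True)]

if __name__ == "__main__":
    print(demo())
```

The third result is the trade-off mentioned in the reply: the same legitimate message is delivered without the DNS check and rejected with it, because its sending host has no PTR record.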

Response Number 3
Name: Vanessa
Date: September 3, 2003 at 19:07:18 Pacific
Reply:

Also, don't bother trying to block a lot of the senders using the email address on the emails received. If you read the specs on the Blaster, you will see they are spoofed.

Good luck - Vanessa


0

Response Number 4
Name: tenover
Date: September 4, 2003 at 10:14:25 Pacific
Reply:

Thanks Vanessa,
Yeah, I've already done everything you recommended, so I guess there's nothing left to do until Sept. 10th when it stops replicating!


0
