Search DominoPower's 10,675 Lotus-related article archive 
Home
EasyPrint
News details Click here for the RSS feed's XML code. This is not a browser URL.
Articles-only Click here for the RSS feed's XML code. This is not a browser URL.
Twitter Feed Click here for the Twitter feed.
EMAIL UNDER ATTACK
How to protect your Domino servers from Sobig.F
By Daniel Koffler

While SoBig.F looks like spam and shares many of the same characteristics, most of Domino's anti-spam features are useless at blocking it. Aside from installing anti-virus software on your workstations and mail servers, the best methods of blocking SoBig.F are to educate users about opening attachments and to use server based mail rules to eliminate SoBig before it ever gets delivered to your users.

To create server mail rules, open Domino Administrator and select the "Configuration" tab. In the left pane, select Messaging -> Configurations and open the document for the server you want to configure. Edit the document and select the Router/SMTP-> Restrictions and Controls ->Rules tab. Select the "New Rule" button to create a new rule as shown in Figure A.

FIGURE A


Create a new server mail rule in Domino 6 Roll over picture for a larger image.

Server mail rules act on all mail delivered to the MAIL.BOX file before it is picked up by the router and delivered to end users. The SoBig.F worm only transmits itself as a ".pif" or ".scr" file, so you can create a mail rule to block messages with those types of attachments. Inform your users you are going to be blocking these file types; this should be part of your corporate email policy. You may also want to block ".bat" files and others. For a complete list of executable file extensions for Windows check out http://antivirus.about.com/library/blext.htm and create a corporate policy that is right for your organization.

In the "New Rule" dialog box, make sure the rule is on and add a condition for every file type you want to block by selecting "any attachment name", "contains" and then enter the file extension you want to block. Make sure that you select the "OR" option when adding subsequent extensions, as depicted in Figure B. The "Specify Actions" section allows you to select what you want done with matching messages. You can reject the messages (the "don't accept message" and "don't deliver message" have the same effect on SMTP messages), you can have their status changes to "held", or automatically quarantine them in a database of your choosing.

FIGURE B


You should set up your mail rule much like this. Roll over picture for a larger image.

The mail rule we have created will make sure that SoBig.F and its variants don't end up in your users' mail boxes. Now, let's create a second rule to quarantine messages that are the result of bounces from anti-virus systems.


1  ·  2  ·  Next »
Other articles you might like
Home > Strategies > Email Management (60 articles)
   Using the Notes Client with Gmail
   Using the Notes client with Hotmail (or not)
   Is English-only a viable mail management strategy?
Home > Lotus Technologies > Domino (69 articles)
   Centralised email encryption at the Domino server level
   Getting the Domino server time with @Now
   When the email flood inundates the Domino Server
Get Weekly Email Updates
Subscribe to our regular weekly email newsletter. It's packed with tips, reviews, deep analysis, and the latest news.
 
Recent DominoPower Articles
What to look for in a Domino-based document management solution
Understanding Domino.doc end-of-life options
When the debugger won't debug hidden code that isn't hidden
What to do if the LotusScript debugger won't single-step over code
Top 10 ways to launch and build a Lotus consulting practice (with a little help from the Beatles)
Troubleshooting an OpenSuse Notes install
Incident report: denial of service attack against ConnectedPhotographer.com
Latest Lotus Headlines
SnTT - Enabling ALL the bells and whistles!
Tivoli Data protection causes Domino to crash
Fun when running DB2 CLP scripts
Introducing Flippr, the easy way to admin Quickr
DXL and fake security
Using search forms in IBM Workplace Collaborative Learning 2.7
Schmidt, Freed, and Gering on the OVF Toolkit
>> Read all the news
More from the ZATZ journals
Computing Unplugged: Eight steps to successful and reliable home backups
David Gewirtz Online: CNN commentary and analysis
OutlookPower: Can Outlook run when it's not running (and other mysteries)?
-- Advertisement --

PDF Conversion for Lotus Notes
Convert Lotus Notes documents to PDF for sharing, archiving or web printing.

  • 1-step PDF: As easy as clicking a Lotus Notes toolbar icon
  • Archive email folders or views as a self-contained PDF
  • Convert any document collection into a PDF file
  • Produce print-quality output from Web applications
  • Client side or Server side conversion
  • Doesn't require any DLL files
  • LotusScript API for developers


Ready to learn more?
-- Advertisement --

Good Practices... Better Practices... Teamstudio.
Implementing good practices in your Notes environment doesn't have to be complicated.

Teamstudio provides software and services for efficient Notes development and simple, secure administrator control. Our new website also provides users with a library of resources to help, including:

  • Ready-to-implement policies for good practice development and deployment in Lotus Notes
  • On-demand webinars on topics ranging from tips for better coding, to securing your applications, managing agents, and streamlining your application deployment process
  • Free utilities for download to help you more more efficiently tackle several specific tasks in Notes development
Visit our library of white papers to help you take on difficult issues in your Notes environment.

Drop by our new website and take a look!
ZATZ Home  ·  News  ·  Back Issues  ·  Credits/Trademarks ·  Link To Us
Copyright © 1998-2009, ZATZ Publishing. All rights reserved worldwide.
Editor's Login