|
|
|
|
|
|
|
|
|
|
|
|
|
|
EMAIL UNDER ATTACK
How to protect your Domino servers from Sobig.F
By Daniel Koffler
While SoBig.F looks like spam and shares many of the same characteristics, most of Domino's anti-spam features are useless at blocking it. Aside from installing anti-virus software on your workstations and mail servers, the best methods of blocking SoBig.F are to educate users about opening attachments and to use server based mail rules to eliminate SoBig before it ever gets delivered to your users.
To create server mail rules, open Domino Administrator and select the "Configuration" tab. In the left pane, select Messaging -> Configurations and open the document for the server you want to configure. Edit the document and select the Router/SMTP-> Restrictions and Controls ->Rules tab. Select the "New Rule" button to create a new rule as shown in Figure A.
FIGURE A
 
Create a new server mail rule in Domino 6 Roll over picture for a larger image.
Server mail rules act on all mail delivered to the MAIL.BOX file before it is picked up by the router and delivered to end users. The SoBig.F worm only transmits itself as a ".pif" or ".scr" file, so you can create a mail rule to block messages with those types of attachments. Inform your users you are going to be blocking these file types; this should be part of your corporate email policy. You may also want to block ".bat" files and others. For a complete list of executable file extensions for Windows check out http://antivirus.about.com/library/blext.htm and create a corporate policy that is right for your organization.
In the "New Rule" dialog box, make sure the rule is on and add a condition for every file type you want to block by selecting "any attachment name", "contains" and then enter the file extension you want to block. Make sure that you select the "OR" option when adding subsequent extensions, as depicted in Figure B. The "Specify Actions" section allows you to select what you want done with matching messages. You can reject the messages (the "don't accept message" and "don't deliver message" have the same effect on SMTP messages), you can have their status changes to "held", or automatically quarantine them in a database of your choosing.
FIGURE B
 
You should set up your mail rule much like this. Roll over picture for a larger image.
The mail rule we have created will make sure that SoBig.F and its variants don't end up in your users' mail boxes. Now, let's create a second rule to quarantine messages that are the result of bounces from anti-virus systems.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
-- Advertisement --
PDF Conversion for Lotus Notes
Convert Lotus Notes documents to PDF for sharing, archiving or web printing.
- 1-step PDF: As easy as clicking a Lotus Notes toolbar icon
- Archive email folders or views as a self-contained PDF
- Convert any document collection into a PDF file
- Produce print-quality output from Web applications
- Client side or Server side conversion
- Doesn't require any DLL files
- LotusScript API for developers
Ready to learn more? |
-- Advertisement --
Good Practices... Better Practices... Teamstudio.
Implementing good practices in your Notes environment doesn't have to be complicated.
Teamstudio provides software and services for efficient Notes development and simple, secure administrator control. Our new website also provides users with a library of resources to help, including:
- Ready-to-implement policies for good practice development and deployment in Lotus Notes
- On-demand webinars on topics ranging from tips for better coding, to securing your applications, managing agents, and streamlining your application deployment process
- Free utilities for download to help you more more efficiently tackle several specific tasks in Notes development
Visit our library of white papers to help you take on difficult issues in your Notes environment.
Drop by our new website and take a look! |
|
|
|
|
|
|
|
|
|
|
