To create server mail rules, open Domino Administrator and select the "Configuration" tab. In the left pane, select Messaging -> Configurations and open the document for the server you want to configure. Edit the document and select the Router/SMTP-> Restrictions and Controls ->Rules tab. Select the "New Rule" button to create a new rule as shown in Figure A.

FIGURE A

Create a new server mail rule in Domino 6 Click picture for a larger image.

Server mail rules act on all mail delivered to the MAIL.BOX file before it is picked up by the router and delivered to end users. The SoBig.F worm only transmits itself as a ".pif" or ".scr" file, so you can create a mail rule to block messages with those types of attachments. Inform your users you are going to be blocking these file types; this should be part of your corporate email policy. You may also want to block ".bat" files and others. For a complete list of executable file extensions for Windows check out http://antivirus.about.com/library/blext.htm and create a corporate policy that is right for your organization.

In the "New Rule" dialog box, make sure the rule is on and add a condition for every file type you want to block by selecting "any attachment name", "contains" and then enter the file extension you want to block. Make sure that you select the "OR" option when adding subsequent extensions, as depicted in Figure B. The "Specify Actions" section allows you to select what you want done with matching messages. You can reject the messages (the "don't accept message" and "don't deliver message" have the same effect on SMTP messages), you can have their status changes to "held", or automatically quarantine them in a database of your choosing.

FIGURE B

You should set up your mail rule much like this. Click picture for a larger image.

The mail rule we have created will make sure that SoBig.F and its variants don't end up in your users' mail boxes. Now, let's create a second rule to quarantine messages that are the result of bounces from anti-virus systems.