Anyone running NAI GroupShield 4.5 on Exchange 5.5 SP3
#2
Scooby Senior
I know a lot of people that are and my friends wrote it.
Anything I can do to help?
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by ChrisB:
<B>Please let me know if you are...
Ta,
ChrisB.[/quote]
Anything I can do to help?
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:<HR>Originally posted by ChrisB:
<B>Please let me know if you are...
Ta,
ChrisB.[/quote]
#3
I am with jack - but i think he is biased - no probs it is a very good product. Only problem is doing the update via a dial up.
Do you not sell Sonicwall kit??
Why do you ask??
But I think Jack has better contacts
[This message has been edited by WillieF (edited 09 August 2001).]
Do you not sell Sonicwall kit??
Why do you ask??
But I think Jack has better contacts
[This message has been edited by WillieF (edited 09 August 2001).]
#4
Moderator
Thread Starter
Join Date: Dec 1998
Location: Staffs
Posts: 23,573
Likes: 0
Received 0 Likes
on
0 Posts
Willie,
Yup, we do sell Sonic's.
Jack,
Had a copy of SirCam come through today. The attachment was .DOC.PIF
Got past GFI Mail Essentials which should get it with the Norman AV engine and as a fall back it is setup to block .PIF attachments (amongst a bigger list).
It then went past Groupshield 4.5 with the 4140 engine and 4151 DAT. Groupshield is also setup to block .PIF (along with VBS, WSH etc).
VirusScan 4.5 finally killed it on the recipients PC (thankfully!).
What's worrying is that another SirCam got through last both Mail Essentials and GroupShield last week to the same user!
I'm still speaking to GFI about it from last weeks episode (we have some extra diag. logging turned on now), but I want to look at the GroupShield angle now as I'm a little concerned!
I'm wondering if it's our config or something strange? I do have a bit of confidence in ME / GS as they both grabbed some HTML mails infected with the VBS/HapTime@MM virus a week or so ago.
TIA,
ChrisB.
Yup, we do sell Sonic's.
Jack,
Had a copy of SirCam come through today. The attachment was .DOC.PIF
Got past GFI Mail Essentials which should get it with the Norman AV engine and as a fall back it is setup to block .PIF attachments (amongst a bigger list).
It then went past Groupshield 4.5 with the 4140 engine and 4151 DAT. Groupshield is also setup to block .PIF (along with VBS, WSH etc).
VirusScan 4.5 finally killed it on the recipients PC (thankfully!).
What's worrying is that another SirCam got through last both Mail Essentials and GroupShield last week to the same user!
I'm still speaking to GFI about it from last weeks episode (we have some extra diag. logging turned on now), but I want to look at the GroupShield angle now as I'm a little concerned!
I'm wondering if it's our config or something strange? I do have a bit of confidence in ME / GS as they both grabbed some HTML mails infected with the VBS/HapTime@MM virus a week or so ago.
TIA,
ChrisB.
#7
Scooby Senior
The most likely reason is that the infected mails were in TNEF format. Our latest engine - in beta - can handle this format, most likely the same problem for GFI as I know it affects other vendors.
Here's some info on TNEF and a link to our new engine - It's stable as far as I know
Pronounced tee-neff, and short for Transport Neutral Encapsulation Format, a proprietary format used by the Microsoft Exchange and Outlook e-mail clients when sending messages formatted as Rich Text Format (RTF). When Microsoft Exchange thinks that it is sending a message to another Microsoft e-mail client, it extracts all the formatting information and encodes it in a special TNEF block. It then sends the message in two parts - the text message with the formatting removed and the formatting instructions in the TNEF block. On the receiving side, a Microsoft e-mail client processes the TNEF block and re-formats the message.
Unfortunately, most non-Microsoft e-mail clients cannot decipher TNEF blocks. Consequently, when you receive a TNEF-encoded message with a non-Microsoft e-mail client, the TNEF part appears as a long sequence of hexadecimal digits, either in the message itself or as an attached file (usually named WINMAIL.DAT). These WINMAIL.DAT files serve no useful purpose so you can delete them.
Here's some info on TNEF and a link to our new engine - It's stable as far as I know
Pronounced tee-neff, and short for Transport Neutral Encapsulation Format, a proprietary format used by the Microsoft Exchange and Outlook e-mail clients when sending messages formatted as Rich Text Format (RTF). When Microsoft Exchange thinks that it is sending a message to another Microsoft e-mail client, it extracts all the formatting information and encodes it in a special TNEF block. It then sends the message in two parts - the text message with the formatting removed and the formatting instructions in the TNEF block. On the receiving side, a Microsoft e-mail client processes the TNEF block and re-formats the message.
Unfortunately, most non-Microsoft e-mail clients cannot decipher TNEF blocks. Consequently, when you receive a TNEF-encoded message with a non-Microsoft e-mail client, the TNEF part appears as a long sequence of hexadecimal digits, either in the message itself or as an attached file (usually named WINMAIL.DAT). These WINMAIL.DAT files serve no useful purpose so you can delete them.
Trending Topics
#8
Moderator
Thread Starter
Join Date: Dec 1998
Location: Staffs
Posts: 23,573
Likes: 0
Received 0 Likes
on
0 Posts
Jack,
Many thanks for that info.
Must admit I've never heard of TNEF although I've often seen WINMAIL.DAT files kicking around.
I shall grab the 4150 Beta Engine on Monday and see what happens.
Does the lack of support for TNEF stop the attaching blocking function working in GS?
Beer's are on me should we meet up
Cheers,
ChrisB.
Many thanks for that info.
Must admit I've never heard of TNEF although I've often seen WINMAIL.DAT files kicking around.
I shall grab the 4150 Beta Engine on Monday and see what happens.
Does the lack of support for TNEF stop the attaching blocking function working in GS?
Beer's are on me should we meet up
Cheers,
ChrisB.
Thread
Thread Starter
Forum
Replies
Last Post
Mattybr5@MB Developments
Full Cars Breaking For Spares
28
28 December 2015 11:07 PM
Mattybr5@MB Developments
Full Cars Breaking For Spares
12
18 November 2015 07:03 AM