Question 5 - Are you guys having problems, our connection is slow again.

We are seeing over 10000 outgoing tcp/ip connections originating from the customers connection. The customer has a virus.

Email Viruses (or really Tojan Horses) became a real problem about a year ago. Running emails through a virus checker will catch many of them. The problem occurs when the virus spreads very fast and the mailbox administrator is late in updating the virus checker.

A virus infecting a company can chew up days of effort. It can make a net connection unusable. It can really embarrass you.

Some Lessons I picked Up

Set up each Windows Box to that things don't "automagically" happen.

Microsoft like to make things "easy" for the user. This includes setting things up so that code emailed to someone can be executed on the recipients computer. This is plain nuts and all of this sort of functionality should be turned off.

Filter incoming executable attachments

We turn every single MIME attached executable off with a simple trick. Any time there is a ".exe", or ".scr", or ".com", etc., we change that into "~exe", "~scr", etc. The addition of the "~" essentially makes it so the attachment can't be automatically executed. A user that really want to execute the attachment needs to save it and then change the "~" back to a ".".

We have been filtering in the manner for over a few years and it has proved very effective. We don't have to wait for virus definitions, so its always up to date. The customers all like it a great deal. We have yet to receive a single complaint. Consider doing this (or having your ISP do it) and then instruct your users to NOT change and execute a program unless they are expecting it and know exactly what it is.

Inform your employees not to "reactivate" the "deactivated" attachments

Can't hurt to go over the rules.

Get a virus scanner or have your email scanned and or tweaked by your ISP

We don't currently run a virus scanner. We simply deactivate all executable attachments coming or going. This has proved fairly effective for the thousands of customers that use us for email. We will probably be adding a virus checker just to provide our customers with more information about their email.