[unisog] How often to pull anti virus updates from vendors
john.meyers at wright.edu
Sat Dec 8 02:37:55 GMT 2001
On Fri, 7 Dec 2001, Anne Bennett wrote:
> I don't intend to extract information from the message (other than to
> do a cursory check that it's probably Sophos's alert, to avoid having
> random spam set off a download unnecessarily). In particular, I would
> not retrieve a URL I received in a mail message; that *could* be
We currently restrict delivery of mail to the account that receives the
alerts to sophos' domain. Additionally, you could check the url to
ensure that it points back to Sophos's web site. Any other mail that
doesn't match the format of an alert notice is basically discarded.
The only issue I've come across so far is when sophos started sending
multiple identity references in a single alert message, but this only
took some minor code changes to remedy.
> It's interesting to note how people often come up with pretty much
> the same scheme independently -- probably means we're doing sometyhing
> right. :-)
It seems like the only way to stay ahead of this stuff these days is
to automate the process.
Wright State University
E-Mail: john.meyers at wright.edu
More information about the unisog