[unisog] How often to pull anti virus updates from vendors

John Meyers john.meyers at wright.edu
Sat Dec 8 02:37:55 GMT 2001

On Fri, 7 Dec 2001, Anne Bennett wrote:

> I don't intend to extract information from the message (other than to
> do a cursory check that it's probably Sophos's alert, to avoid having
> random spam set off a download unnecessarily).  In particular, I would
> not retrieve a URL I received in a mail message; that *could* be
> dangerous!
 We currently restrict delivery of mail to the account that receives the
 alerts to sophos' domain.  Additionally, you could check the url to
 ensure that it points back to Sophos's web site.  Any other mail that
 doesn't match the format of an alert notice is basically discarded.
 The only issue I've come across so far is when sophos started sending
 multiple identity references in a single alert message, but this only
 took some minor code changes to remedy.

> It's interesting to note how people often come up with pretty much
> the same scheme independently -- probably means we're doing sometyhing
> right. :-)
 It seems like the only way to stay ahead of this stuff these days is
 to automate the process.



John Meyers
Computing Services
Wright State University
E-Mail: john.meyers at wright.edu

More information about the unisog mailing list