|
IMPORTANT
NOTE: This page documents anti-virus procedures used until March 30, 2006. Please see
http://www.utoronto.ca/ns/antivirus after that date.
UTORmail:
Virus
Filtering
This
documentation has been written for technical support staff, the
technically advanced and the curious. Those looking for an overview
and basic instructions, please visit www.utoronto.ca/ns/antivirus.
IMPORTANT
NOTES:
- The
anti-virus filter at the post office does not replace the need
to install and maintain up to date anti-virus software on your
computer . The anti-virus filter and anti-virus software work
together to give you the best possible protection against virus
delivery and infection. To download Symantec® Norton Anti-Virus
(NAV) software, please visit the University's UTORprotect
site. The UTORprotect site is also an excellent resource on
Best
Practices for protection against viruses.
- Only
messages from other post offices are filtered. Messages from other
UTORmail customers are not. If you receive a virus internally,
please report the virus to security.admin@utoronto.ca
. You will need to send the security administrator the full header
of the message in question. The full header is required in order
to track the message's point of origin. Instructions for viewing
the full header of a message are available under the E-mail
Security section of UTORprotect.
Here's How It Works
In the case where a message contains one or more attachments suspected
as viruses, the UTORmail post office will do the following:
-
remove all attachments whose file extension name appears in the
table below
- replace
each such attachment with advisory text explaining what happened
- add
a tag to the Subject line "[PMX: suspect attachment]"
for easy identification via client-side filtering
- tag
the message with a spam score of 100% (see Viewing
the spam score of a message for an explanation of spam scores)
- deliver
the resultant message to the junk-mail folder
-
if the junk-mail folder is unavailable, the 'defanged' message
is delivered to the inbox
- if the account is forwarded, the 'defanged' message is delivered
to the appropriate address
TABLE of File Extensions to be Blocked File
extension File type
.ace ACE Archiver Compression file
.ade Microsoft Access project extension
.adp Microsoft Access project
.bas Microsoft Visual Basic class module
.bat Batch file
.chm Compiled HTML Help file
.cla Java Class Files
.class Java Class Files
.cmd Microsoft Windows NT Command script
.com Microsoft MS-DOS program
.cpl Control Panel extension
.crt Security certificate
.cs Microsoft C# App executed by .NET framework
.eml MS Outlook Express email
.email MS Outlook Express email
.exe Program .hlp Help file
.hta HTML program
.inf Setup Information
.ins Internet Naming Service
.isp Internet Communication settings
.js JScript file
.jse Jscript Encoded Script file
.lnk Shortcut
.mde Microsoft Access MDE database
.msc Microsoft Common Console document
.msi Microsoft Windows Installer package
.msp Microsoft Windows Installer patch
.mst Microsoft Visual Test source files
.ocx Microsoft OLE control
.pcd Photo CD image, Microsoft Visual compiled script
.pif Shortcut to MS-DOS program
.reg Registration entries
.scr Screen saver
.sct Windows Script Component
.shs Shell Scrap object
.shb Shell Scrap object
.vb VBScript file
.vbe VBScript Encoded script file
.vbs VBScript file
.wsc Windows Script Component
.wsf Windows Script file
.wsh Windows Script Host Settings file
.zip Zip compression/archive
|
