|
|
How We Safeguard You from Receiving Viruses in your
Email
All incoming and outgoing emails that pass through the Arrowmail
servers are scanned for viruses and when one is found, the whole email is
deleted and no notifications are generated.
It's not the text of an email that contains a virus but rather, any attachment the email may
contain, and so it's these attached files that are scanned, including
any contained inside an attached ZIP file.
Why don't we send a notification email to the recipient or the sender
when we find a virus in an email?
The sender's address has, most likely, been forged so a notification
to the sender would be pointless, annoying or alarming to the
innocent person whose address was used in the email.
Why do you need to be informed that someone tried to send you a
virus?
Our view is that the original virus email was a waste of Internet
bandwidth so why allow it to generate more traffic?
We go one step further
We remove attached files of certain types even if they show OK to a
virus scan.
This is a precaution against new viruses.
The blocked
file-types are the ones used, almost exclusively, for transmitting viruses
and rarely have any legitimate purpose.
Here's a full list of the
file-types that we block:-
| ade |
adp |
asf |
bas |
bat |
chm |
cmd |
com |
cpl |
crt |
exe |
hlp |
hta |
| inf |
ins |
isp |
js |
jse |
lnk |
mbd |
mde |
msc |
msi |
msp |
mst |
pcd |
| pif |
reg |
scr |
sct |
shb |
shs |
vb |
vbe |
vbs |
wmd |
wmv |
wmz |
wsc |
| wsf |
wsh |
|
|
|
|
|
|
|
|
|
|
|
The above list shows the right-most part of a file's name, after the
final full stop, which is often hidden in file listings and indicates to Windows
the program it should use to open the file.
Password-protected ZIP files, that can't be scanned are also
blocked.
Let us emphasise that file-types commonly sent as attachments by legitimate users are
not blocked if they get the "all clear" from our virus scanner.
These include, but are not limited to:-
| doc |
gif |
jpg |
mp3 |
pdf |
ppt |
wav |
xls |
docx |
pptx |
xlsx |
|
|
When a blocked file-type is detected, the file is deleted but
the email is permitted to continue on to it's destination so that you
know what's happened in case you really are trying to send someone the
file.
If you want to send someone an EXE file, for example, you can
either put it in a ZIP file and attache the ZIP or copy it to your
Public Web Folder and then include a link to the file in your email.
You could also rename the filename extension to something safe, such
as TXT, and inform the recipient to change it back to EXE.
Our front-end and back-end mail-servers each have their own anti-virus
system, from different manufacturers, so most emails get scanned twice.
(Internal emails that don't leave the back-end server only get scanned once.)
It is therefore highly unlikely that an email-borne virus will
ever make it through our defences.
Should you turn off email-scanning on your PC's Anti-Virus Program?
Perhaps, if it's causing problems or delays and if you send and
receive email only from the Arrowmail servers.
If you don't actually have a program for virus-scanning emails and, again, all your email comes through Arrowmail, then
you're probably safe enough, however, when it comes to
computer security, the more layers of protection you have, the better.
Other dangers from emails
Attachments aren't the only way an email can cause your PC to become
infected by a virus.
An email may contain a link to a virus installer or a link to a
website that will try and convince you, by some subterfuge, to allow a
virus to be installed on your PC.
It's beyond the scope of our
anti-virus scanner to spot these tricks and so it's our anti-spam
system's job to detect such emails, plus any other emails with dishonest
intent, and divert them away from your inbox.
Your PC's
anti-virus program or security suite should block these attempts to
install a virus during the download process but the best defence against
these tricks is your own scepticism and common sense.
No matter who the
email claims to be from or what calamity it is warning you about, assume
it's a trick and ignore it.
Genuine companies and institutions you deal
with, know better than to use email to resolve important problems.
^ Top of Page ^
|
` |
