Re: WARNING - Groupshield 6 + Exchange 2003
From: RJ (ryanjjones_at_mail.com)
Date: 02/16/04
- Next message: Mark Arnold [MVP]: "9582 Error - nothing helps"
- Previous message: Louis: "Event ID 951"
- In reply to: RJ: "Re: WARNING - Groupshield 6 + Exchange 2003"
- Next in thread: Martin Moustgaard: "Re: WARNING - Groupshield 6 + Exchange 2003"
- Reply: Martin Moustgaard: "Re: WARNING - Groupshield 6 + Exchange 2003"
- Messages sorted by: [ date ] [ thread ]
Date: 16 Feb 2004 00:55:20 -0800
It appears NAI have been working hard to resolve this (really!)
And the solution is another hotfix to resolve a AD lookup on "system"
emails bug. If you remove any AD policies set up - its as stable as a
rock.
The second hot-fix (to be released shortly) will resolve this.
So - if you are thinking about GSE6 - then IMO with these 2 hotfixes
it is now appearing to be a very stable and capable platform.
However, make sure you get these two hotfixes asap!
ryanjjones@mail.com (RJ) wrote in message news:<fb580c69.0402111135.5504e56d@posting.google.com>...
> Thanks - GSE4.5 stopped all our mydooms - mainly by blocking
> filetypes!!
>
> My moan justifies an update:-
>
> NAI tech support called me this afternoon acknowledging a bug - and
> said they will send me a hotfix this evening/tomorrow. So can't say
> fairer than that - though clearly I'll be a guiniepig. I will update
> this as soon as I have it and know if it works etc. (complain when
> justified; and also give credit when justified)
>
> Still annoyed then knew about this, no warnings, and its buggers like
> us that take the flack from our user community!
>
> If GSE6 has all bugs removed it does appear good. Detects renamed
> files as correct file type (guess down to mime headers); can block
> content by filetype (.ext only) within ZIPs etc and obviously the
> normal AV. Makes our life easier.
>
> I want the thing to work - but time will tell.
>
> RE: GFI, we're evaluating the spam software (GFI mail essentials) at
> the mo - and its currently learning HAM email - so we'd get a nice
> bundle price of both. So I think we may well get Mail Security in.
> Thanks for the info. Did the "code decompiling" modile detect the
> virus before defs then? We find this (on paper) hard to believe!
> "David Kilpatrick" <eat@more.beef> wrote in message news:<402a3519$0$27646$61ce578d@news.syd.swiftdsl.com.au>...
> > Hi RJ ..
> >
> > Firstly, thanks for the forewarning! We're looking at taking the 5.5 to 2003
> > path, and for about 2 years have been runnung GroupShield 5.0 successfully.
> >
> > With regards to GFI MailSecurity, if you can get it, get it! By sheer good
> > co-incidence, I installed a trial version of Mail Security the day before
> > the MyDoom storm erupted .. and not one infected email got through our SMTP
> > gateway. At last count, MailSecurity stopped about 36000 MyDoom's using a
> > combination of attachment checking policies and virus scanning.
> >
> > Good luck with GS6
> > --
> > David Kilpatrick
> >
> > "RJ" <ryanjjones@mail.com> wrote in message
> > news:fb580c69.0402110415.5ca0d0d9@posting.google.com...
> > > All
> > >
> > > Having recently migrated from Ex 5.5 to 2003 with minimal issues - the
> > > only problem we have is with the installation of Groupshield 6.
> > >
> > > We've been using GSE for years. However, we are suffering with GSE
> > > version 6...
> > >
> > > Every now and then (was every minute for a while) the Exchange server
> > > would become unresponsive to client requests - and the reason was GSE
> > > was hanging it. Killing the GSE process and everything started
> > > working again (GSE restarted).
> > >
> > > Have calls logged with NAI - 48 hours later the only response is to
> > > "disable X, Y, Z etc". Which in my opinion leaves a whole multitude
> > > of back doors in - and in some situations viruses could enter - or at
> > > the very least loads of attachments that we are trying to prevent
> > > entering.
> > >
> > > Also - disclaimers don't appear to work; nor do different policies for
> > > different users. Not perfectly anyway. However these are low
> > > priority and we've not spent much time resolving.
> > >
> > > SO - WORD OF WARNING: Keep away from GSE6 on Exchange 2003 if you are
> > > expecting it to be working in a live environment. At least wait until
> > > hotfixes/service packs are available. (We are using TIGHT security
> > > for scanning; blocking by attachment extension; and blocking by
> > > attachment type - i.e. if someone renames a file. We have a separate
> > > policy to allow IT to send anything we like - but that doesn't work.
> > > Don't know if its our settings - but same results in lab environment
> > > too.)
> > >
> > > This is sadly killing us taking away the otherwise successful upgrade.
> > >
> > > So - if anyone has any GSE6 experience in a similar environment with
> > > these issues that they have fixed - please post here.
> > >
> > > On a slightly different note, for obvious reasons we are now having to
> > > urgently explore gateway antivirus/file-filtering software.
> > > Recommendations appreciated!! (PS - we are currently evaluating GFI
> > > Mail Essentials - so if anyone has +ve comments about GFI Mail
> > > Security I'd be interested).
> > >
> > > Thanks - and hope this warning saves someone from an unreliable
> > > server....
> > >
> > > (Note: info correct as of 11 Feb 2004 - McAfee technove nai36328.
> > > Scary. Workaround: Disable content & file filtering; set level of
> > > protection = low; turn off notifications; turn off proactive scanning;
> > > disable alert manager; disable outbreak manager. Yuck. Virtually
> > > paraphrased as "turn if off and it won't give you problems". Nice
> > > advice from an antivirus company)
> > >
> > > PS - if anyone has any information on patches/hotfixes - please
> > > advise...
- Next message: Mark Arnold [MVP]: "9582 Error - nothing helps"
- Previous message: Louis: "Event ID 951"
- In reply to: RJ: "Re: WARNING - Groupshield 6 + Exchange 2003"
- Next in thread: Martin Moustgaard: "Re: WARNING - Groupshield 6 + Exchange 2003"
- Reply: Martin Moustgaard: "Re: WARNING - Groupshield 6 + Exchange 2003"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
