Anti-Virus Measures

Viruses transmitted through e-mail messages are one of the more significant threats to your organization. E-mail viruses can attack individual computer systems or your entire e-mail environment. Therefore, you must ensure that you have adequate protection against viruses in your Exchange 2003 environment.

The most effective mechanisms for combating viruses are installing anti-virus software and keeping the anti-virus signature files up-to-date. With this in mind, you should consider protecting against viruses at the firewall, at the Simple Mail Transfer Protocol (SMTP) gateway, at each Exchange server, and on every client computer. The reason for installing anti-virus software at each destination in the message delivery chain is to provide as much defensive coverage on each message as possible. For example, the virus-scanning engine at the SMTP gateway uses a different Multipurpose Internet Mail Extensions (MIME) parser than the one that is installed on the Exchange server, which, in turn, is different from the parser used by Outlook or Outlook Express. From a MIME parsing perspective, this means that having a virus scanner (one that uses the native MIME parser) at each destination increases the likelihood of exposing viruses. In addition, you should consider running virus-scanning software from different vendors across your enterprise.

One common method virus writers use to transport viruses is to include the virus in an attachment. In the most obvious cases, a virus can be delivered by attaching an executable program (.exe) to an e-mail message. In some cases, viruses can be delivered by embedding them in a macro, which appears to users as a much more benign document (such as a Word or Excel file). To protect against such viruses, Outlook and Outlook Web Access provide the following attachment-blocking features.

Attachment Blocking Features in Outlook

Outlook 2002 and later versions include an attachment-blocking feature; this feature (enabled by default) blocks the most obvious file types, such as .exe, .bat, and .vbs files. Previous versions of Outlook require the Outlook E-mail Security Update, available on the Microsoft Office Online Web site. For information about how to configure Outlook attachment blocking features by means of a group policy, see the Office 2003 Resource Kit.

Attachment Blocking Features in Outlook Web Access

In Exchange 2000 Service Pack 2 (SP2), Outlook Web Access introduced the ability to block attachments by file type and MIME type. In Outlook Web Access for Exchange 2000 and Microsoft Office® Outlook Web Access 2003, attachment blocking is enabled by default. With this default configuration, users can send any attachment type but will not receive dangerous file types, such as .exe, .bat, and .vbs files.

For detailed steps about how to view or change blocked file types or MIME types in Outlook Web Access, see How to View or Change Blocked File Types or MIME Types in Outlook Web Access.

For More Information

For more information about anti-virus measures, see Slowing and Stopping E-Mail Transmitted Viruses in an Exchange 2003 Environment