(Note: These measures apply to users of the UW Bothell Exchange mail server only. For UW Seattle/Pine users please reference: http://www.washington.edu/computing/email/manage/blocking.html)
Problem: Many viruses are sent as attachments through email. Most of those attachments are scripts or programs that, if opened, will infect the recipient's computer with the virus. The virus collects email address from the infected computer and uses the addresses to send itself to other computers. Once infected, a computer can suffer massive data loss and can produce a storm of network traffic that disrupts network services.
New versions of this type of virus appear frequently. Unfortunately, every time a new virus comes out, the anti-virus vendors need to develop new filters for handling it. This takes time, during which a virus can quickly spread out of control.
Solution: In order to reliably protect our systems from these viruses, Information Technologies blocks all attachments of the specific types that are used to deliver the virus's payload. The attachment is stripped from the email message before it reaches the recipient and replaced with a notification of the removal. The header and text of the original message are delivered normally. Only attachments of types identified in this notice are being blocked, other attachments (Word files, Excel files, etc.) are delivered normally.
Guidelines for determining which attachments are blocked:
- Email attachments of types, which pose a significant security risk to users, including, but not limited to, those in use by viruses will not be delivered to Exchange users.
- Infected messages and those containing certain attachments will have their attachments discarded and the remaining message delivered. This is done so that a legitimate message will still arrive to notify the user of the problem.
- Messages containing attachments that do not appear to be infected but which are known to pose a significant risk and in common use will have the attachments removed (as above).
- Whenever an attachment is removed from a message, the virus scanner will attach a text file to the message stating so and providing the recipient with additional info as determined by UW Bothell Information Technologies.
- UW Bothell Information technologies will maintain and publish a list of attachment extensions affected by this policy.
Currently the full list of types of attachments that are blocked by UW Bothell Exchange services is as follows:
.exe .zip .pif .com .scr .vbs .sfs .shs .cmd .rar
Email coming into and going out of the campus through our Exchange services that contains an attachment of any of the above types will have the attachment removed and a notification attached to the message.