SANS is reporting a critical vulnerability in Sophos Anti-Virus products that can allow remote code execution. ( http://isc.incidents.org/diary.php?storyid=1325 ) Is the version that IronPort uses vulnerable?
We run all the "clean" mail from our IronPort through Spamassassin (and ClamAV) and it catches those as well as the GIF STOX SPAM and Phishing emails that blow right by BrightMail. I would say that a full 1/4th of the email that makes it past Bright...
I'd be interested in hearing about AS as well. We have been running all the mail that gets through BrightMail through SpamAssassin (which catches the "fully unique text graphical stock dumping scam" spams easily) - we block thousands a day. We also...
Wow, we are seeing a huge increase in the last couple of days of the "GIF STOX SPAM". They blow right by our IronPort/BrightMail gateway without even slowing down!I have to say, it's a good thing we run all of our "clean" messages through SpamAssas...
I can definitely understand their thinking on that, but you'd think they'd actually be better at blocking spam than Spamassassin then - this has not been my experience. I've found SA to have a much better track record of false-positives and a much b...
I've not been happy with Brightmail's spam filtering, period. We run all mail that makes it past our IronPort Gateway through another box that runs it through SpamAssassin. Not only does this catch messages like those, but it also allows us to incl...
