We're getting slammed with spam with attachments that contain variants of the Cryptolocker. Somebody somewhere must have clicked something in an email and now its a constant onslaught. Users have been briefed not to open these attachments, but at this point we need it to stop. Cant have someone accidentally clicking one of these things and additionally its annoying as shit to have your phone constantly going off.
I run pfsense here and the postfix/mailscanner just isn't cutting it. I have pfblocker installed blocking the top spamming countries as well as 12 or so customer lists of known spam IP's.
mailscanner isn't catching it because it runs off clamav. Clam AV is not detecting these as viruses while all other major AV's are flagging it.
I haven't looked at Untangle in a long time and they seem to have changed their packaging scheme. What I do remember though is that their "free" system back then also used ClamAV. So I'm not so sure that anything that uses ClamAV as the AV engine is going to work.
I even uploaded one of the viruses to my webserver at home and downloaded it through the HTTP virus scanner on pfsense and it passes right though. Workstation AV catches it, but it goes right though the AV scanner.
What are you guys using? What can you suggest?
Thanks.
I run pfsense here and the postfix/mailscanner just isn't cutting it. I have pfblocker installed blocking the top spamming countries as well as 12 or so customer lists of known spam IP's.
mailscanner isn't catching it because it runs off clamav. Clam AV is not detecting these as viruses while all other major AV's are flagging it.
I haven't looked at Untangle in a long time and they seem to have changed their packaging scheme. What I do remember though is that their "free" system back then also used ClamAV. So I'm not so sure that anything that uses ClamAV as the AV engine is going to work.
I even uploaded one of the viruses to my webserver at home and downloaded it through the HTTP virus scanner on pfsense and it passes right though. Workstation AV catches it, but it goes right though the AV scanner.
What are you guys using? What can you suggest?
Thanks.