Best Practice virus.quarantine
Hi out there,
I wanted to discuss the best practice for handling quarantined mails.
Since update from ZCS 6.x.x to 7.1.2 more and more notifications of customers coming in reporting mails moved to quarantine - mostly because of encrypted pdfs. Before the update we havn't had those problems. Don't know what damn filter rule has changed and I don't want to search for hours and try for months to find best settings...
To bring it to the point:
I am searching for a good way to handle that quarantined mails. I've learned from the google-oracle that there is no nice and easy way to release those mails but I also don't want the customer to call me for every mail with a pdf attached.
So I thought about moving all mails from one customer in a folder in the incoming of the virus-waurantine.XYZ@domain.de-Account with a filter and then share this folder to the customer (surely with explaining hin what this is and warning to open one of these mails without double checking).
- What do you think of this idea?
- It would be great to have the possibility to let delete these mails after 30 days. Any ideas?
- Also I am wondering what would happen, if the customer syncs this folder with the Outlook Connector. Will his antivirus run wild?
I'm thankful for every comment and help. I hope that more Zimbra-admins are interested in this issue and I can start a discussion in this thread.
How do you handle quarantined mails?
ZCS NETWORK edition 7.1.2 (GA 3268) - Ubuntu 8 LTS 64bit