Question
I have performed the VBS attachment vulnerability test from the GFI security website which indicates that my server is not protected. How do I protect against this type of message?
Answer
This test sends a vbs file to your server. This can be easily blocked by adding vbs to your list of rejected attachment types in GMS Anti-Spam
However this is not a substitute for running the up to date virus protection offered by GMS Anti-Virus
There are many other potentially damaging file types as well as vbs files, and as such the this limited GFI test is flawed, since passing this test may falsely lead an administrator to believe that their the server is secure. For a more complete list of potentially damaging files, please see Knowledge Base article q0398 in the “See Also” section of this article.
Furthermore, blocking attachments of a certain type is far less effective than virus scanning your incoming mail using GMS Anti-Virus, since blocking against certain types may not protect you against social engineering techniques which may be employed by a virus writer.
See Also:
- Why does #GMS# appear to fail the GFI security test I have tried?
- How do I pass the GFI “CLSID extension vulnerability test”?
- How do I pass the GFI “Fragmented message vulnerability test (for Outlook Express)”?
- How do I pass the GFI “Iframe remote vulnerability test”?
- How do I pass the GFI “MIME header vulnerability test”?
- How do I pass the GFI “VBS attachment vulnerability test”?
- How do I pass the GFI ActiveX vulnerability test?
- How do I pass GFI’s Access exploit vulnerability test?
- How do I pass the GFI “Object Codebase vulnerability test”?
- How do I pass the GFI “Eicar anti-virus software test”?
- What attachments should I block?
- How do I pass the GFI “Malformed file extension vulnerability test”?
Keywords:GFI, VBS, Vulnerability