Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1138
  • Last Modified:

1000's of VAPxxx.tmp viruses in Quarantine

the past few days my exchange 2003 server is being flooded with some type of virus.  the antivirus software in quarantining the virus of type VAPxxx.tmp.  i am using symantic antivirus corp edition and symatic mail security for exchange.  the problem is slow exchange server and taking up disk storage.   i have had this problem in the past and it finnally cleared up.  any ideas?

thanks,

charliebry
0
charliebry
Asked:
charliebry
2 Solutions
 
quell23Commented:
my 2 cents:
You could look in your smtp logs and compare the time in the smtp logs with the time on the  symantec logs and then set exchange to deny mail from that IP address (or email address) thats in the smtp logs. If you need mail from that IP address, you could change your Symantec settings to delete whatever is in the quarentine every few hours vs the default which is 90 days I think.  Just an idea though.
0
 
munichpostmanCommented:
Consider putting in another system between your Exchange Server and the Internet such as:

www.ironport.com
www.ironmail.com

Better still consider using one of the following

www.messagelabs.com
www.postini.com
www.frontbridge.com
0
 
TomBolandCommented:
Also make sure that NAV is set up to spefically exclude the exchange directories and the quarantine directories when it does it's normal file scan. It can make more copies of the same virus over and over again. You may only have a small number of actual viruses and NAV has copied over and over and over again when it scans.


Tom Boland
0
 
charliebryAuthor Commented:
I changed the NAV realtime protection to exclude NAV, Exchange and quarantine directories and that did solve the problem of filling up the quarantine file and disk storage.  By excluding these directories (mail boxes etc.) I assume the server is still protected.  I also found the site causing the problem "inet@microsoft.com" and blocked it.

Thanks,

Charliebry
0
 
TomBolandCommented:
Mail Security and the NAV corporate edition are related but separate. You are still protected for email viruses as long as Mail Security is running, configured properly, and updates on schedule.

Here is the link from Symantec on what to included and exclude with NAV Corp Edition 9 and Mail Security on the same box:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2004052416452048?Open&src=ent_tutweb_nam&docid=2004062508305148&nsf=ent-security.nsf&view=docid&dtype=corp&prod=&ver=&osv=&osv_lvl=

Tom
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now