> The virus get into the user machine by e-mail from other ISPs. > Thats noway i > can block e-mail ports. I blocked ports TCP 4444,135,445 and UDP 69, known > as ports that w32.blaster and others worms use to spread in the network. I > really want to be able to scan every package that pass through > the firewall > and see from witch host its comming from. Ex: host-192.168.1.175 > is sending > strange packages that maybe a virus attack. > Yes but you CAN use mimedefang, mailscanner or amavis-new to scan all emails for virii.
