What I don't get is why people allow attachments pass through an Exchange server.
...We use a Barracuda filtering system, I have no idea if we've ever been hit since that system went live.
We also use a Barracuda which does a good job. Behind that, I have a Trend product as a second layer of filtering. The Exchange program has further controls.
But because of the versions of Exchange and Office we use are dated and past support life, I have to block nearly all types of attachments. It's a problem and a work around is in place for some things but it's a hassle. However, on the upside, if I get one spam a week, I am surprised and consider that too much.
We also have a usually strong web filter. While it may have a lapse now and then on new sites, its quickly configurable and upgraded nightly with new definitions like the 'cudda does.
Despite all thats in place, about a year and half ago, one got through to a server. Fortunately, we are terminal server based and the user did not have install permissions so the virus could not complete it's task. Turns out it was something brand new and a fix came out the next day.
It came from a trusted vendors website that had been compromised. :unsure: