As the occurrence of malicious viruses continues to increase, it is becoming more important to safeguard computers. PA.net employs a wide variety of virus blocking techniques, which reduce the potential for viruses being delivered to your PA.net e-mail address; these techniques include screening, scanning, and teamwork.
"None shall pass!"
As the occurrence of malicious e-mail viruses on the Internet continues to increase, it is becoming even more important to safeguard personal computers. Here are some steps that PA.net is taking to help stop the spread of viruses to our customers.
Screening: Watching for tricks.
E-mails that contain viruses will often try to disguise themselves as legitimate file attachments. Viruses that pretend to be a desired file to the recipient are called "Trojan Horses" for obvious reasons. A typical technique that this sort of virus will use is to alter its own file extension. For example, it may be an executable file that ends in ".exe" and it will prepend its true file extension with ".gif". Many versions of the Windows operating system will ignore any file extension after the first one; this can result in a file that is actually "wedding.gif.exe," a potentially dangerous virus executable, appearing as "wedding.gif". The recipient may then run the virus thinking that they are only opening a harmless image file.
PA.net's mail servers attempt to catch this potentially harmful content and remove it before it gets to your e-mail account. Countless trojan horses that could install viruses or alter your computer's registry are captured this way before they even get into the PA.net mail system.
Blocking: Closing the port.
When new viruses come out, they will often start using "ports" or paths of communication from infected computers to either infect other computers or to inflict some sort of network damage. When PA.net finds viruses that are engaging in this sort of behavior we may shut that port down for our dial-up home user accounts in order to attempt to limit the amount of damage that can be inflicted upon them.
It is our intention that this action be a benefit to our customers, not a hindrance. If you are using a standard dial-up account and have special needs that require the use of a port that has been shut down by PA.net, we will be happy to open it for your account. To request a port to be opened on your account, please e-mail firstname.lastname@example.org. The current ports being blocked for standard PA.net dial-up accounts are listed below. It is our policy that Internet ports on DSL and commercial dedicated access accounts are not restricted unless we are responding to a network emergency.
|Blaster worm & derivatives||Sasser worm & derivatives|
|udp / 69||tcp & udp / 445|
|tcp / 135||tcp / 5000|
|tcp / 5554|
|tcp / 9996|
File Scanning: Stopping the obvious.
PA.net mail servers coordinate with three independent virus scanners, one commercial and two open source. All of our scanners are updated with the latest known virus information once an hour. PA.net stores both the headers of messages that have been flagged as sending viruses to our customers, in case there is any need of legal action, and the virus file itself on disk, in case it is wanted by the customer. You may not know how hard we work to try to keep viruses out of your inbox but it sure makes a difference. As an example of how many viruses PA.net servers catch, below is a list of the top 12 viruses blocked in only a 30 day period.
Teamwork: Ganging up on evil.
Through the open source community, PA.net works with thousands of other service providers around the globe to stop viruses from spreading. If you know someone that is using an e-mail service that does not perform virus blocking services, please recommend that they switch to a provider that does. More people using virus blocking services means fewer viruses will be spread on the Internet. For information on referring someone to PA.net visit www.pa.net/getmember.html. PA.net also recommends that customers use and update private virus detection software on their personal computers, as well as do all critical updates for their operating system.