The virus get into the user machine by e-mail from other ISPs.
Thats noway i
can block e-mail ports. I blocked ports TCP 4444,135,445 and UDP 69, known
as ports that w32.blaster and others worms use to spread in the network. I
really want to be able to scan every package that pass through
the firewall
and see from witch host its comming from. Ex: host-192.168.1.175
is sending
strange packages that maybe a virus attack.
Yes but you CAN use mimedefang, mailscanner or amavis-new to scan all emails
for virii.