10-11-2004 07:33 AM - edited 03-09-2019 09:03 AM
I'm having problems making an exception to the out of the box rule 123 Worm protection rule. The SalesLogix application makes a connection to the Outlook COM module invoking rule 123.
---- snip
Potential worm propagation: The process 'C:\Program Files\SalesLogix\SalesLogix.exe' (as user XXXXX\ABCDEFG) has read downloaded content (file VBScript) and attempted to access an email or network related resource (Outlook COM Object - {0006F03A-0000-0000-C000-000000000046}).This is considered suspect. The user chose 'Yes'.
---- snip
I have tried creating rules to specifically allow saleslogix.exe to access the Outlook COM module. The rule will log positive but original rule 123 has precedence and causes the user to answer "yes" or "terminate" to the popup. Although the users can continue to use the application by answering "yes" the users are becoming annoyed to say the least. There seems to be no way to make an exception to the rule. You have the choice of enable or disable only. I would prefer to keep the rule enabled. Does anyone have any ideas I can try.
10-15-2004 01:30 PM
If you are talking about the CSA, then an allow rule may not work if the alarm is generated by a system rule. I'm not too sure if you are allowed to create exceptions or allow rules for the system rules.
10-15-2004 03:58 PM
That is a system rule and from what I am hearing CSA V4.5 will allow the creation of exceptions on systems rules. I was told this summer that it wuld be out later this year but I am not too optimistic at this point of it happening before early next year.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide