> -----Original Message----- > From: Jochem van Dieten [mailto:[EMAIL PROTECTED] > Sent: Thursday, August 21, 2003 10:17 AM > To: CF-Community > Subject: Clean off > > > Josh Remus wrote: > > I would think that client virus protection & patching would be almost > > impossible to require with something like that, but if it were on every > > mail server, nothing would have ever gotten in, correct? > > First of all, virus signatures are only available a few hours after the > first virus is found. McAfee took 4 hours this time. > > Second, people will use their work machine to POP their private > email hosted > somewhere else. > > Running virus protection on mailservers is a nice way to protect you from > getting complaints from users about the number of emails they > receive, but > it doesn't come close to protecting your network. >
Understood, that's why we need client antivirus still. Our Norton was updated rather quickly, we certainly didn't SEE any ourselves until after it had updated. That doesn't mean that someone doesn't get it first, regardless. Secondly - if checking external, private POP3 servers is a security risk, why not shut it down? Again - depends on where you set the priorities, but I can think of no legitimate reason ANYONE needs to check external POP3 servers from WORK computers. > > > I know that ISP's, etc., don't run antivirus at the gateway in > most cases, > > since I believe it's a liability issue, but I would think that a > > university would be a different question. > > Because of defective email clients (Outlook) running virus > scanners on the > mail gateway is only effective if they also catch legitimate > email that does > not contain virusses. That is frequently unacceptable to an > academic community, especially since many of the scientists run > their stuff on Unix > anyway. > As a side note, this email would not pass through the mail gateway of my > university because it is severly broken and kills way to much. It > feels the > signature is dangerous. > > (If you get EICAR complaints from antivirus software, check RFC > 2045-9 and > find better antivirus software.) > Again - it's a matter of what the priorities are. Also, decent mail gateways can be tuned to be more or less agressive. They can also be configured to send a reject message to both the to and from, etc., to notify people a mail was blocked. What's the worst that happens? Both sender and receiver get notified, and if it's REALLY important, they can modify the message to go through again, they can make a phone call, etc., etc. All our business email goes through our gateway. If it gets rejected, it gets noted. If it's a legitimate or urgent business need, they can call or email. You still know an email was sent, you just can't get the attachment, or the real message. > > > I suppose to a point Universities are a different breed, but only due to > > the student's computers. There of course shouldn't be a single > faculty or > > facilities computer infected. You can mandate their security/antivirus > > settings. > > Optimist. > > Jochem > No, I'm definately a pessimist. I believe, given a chance, most people will do the stupidest thing possible. But if security was a priority at the top levels, it could be done. Evidently universities place the DESIRES of their employees/students above the NEEDS of their business (IE: the need to be secure). That's a choice they can make, I'm just saying I wouldn't suggest making it. Josh ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:5 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5 Get the mailserver that powers this list at http://www.coolfusion.com
