On Thu, 2005-05-05 at 09:32 -0500, John Madden wrote:
> > If they were running their systems properly we wouldn't be having this
> > conversation. The clients of those systems are able to retrieve mail and
> > attachments straight to local storage while by-passing local filters (and
> > policy). Not very different from browsing ftp sites in that regard, and
> > wholly unsecure.
>
> Right. Which means *your* security policy still must include desktop security by
> way of firewalls/virus scanning/proxies/policies/etc. An insecure public web mail
> system is irrelevant.

Maybe, but we have blocked web-based-outside-e-mail-such-as-yahoo-or-msn-or-gmail-that-doesn't-use-our-MTA (Hopefully that is explicit enough for the nit-pickers who can't read context) since right after the Melissa worm hit, what, 4 years ago? 5? and haven't had a mass-mailing email worm inside since. So, a little policy goes a long ways. Generally, before any of our users are silly enough to click on a web page with a blended attack, the anti-virus companies have found it. And we do have other protections in place.

_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
