>While having SMTP virus scanning *might* be a good idea (regardless
>of which machine it's on) there is the issue that as a mail
>provider we could not advertise to our users that it absolutely
>protects them. Otherwise, we could be liable for the damage
>caused by the one that got away.
You NEVER make ANY committments to catch every virus, nor do you
assume liability for any virus damage if a virus gets through.
>So if you cannot absolutely protect users,
you cannot
>and telling them that you have something in place that will protect
>them *most* of the time causes them let down
>their guard and not have virus protection at the client level,
That's their behaviour, responsibility, and consequences, not yours.
> aren't we left with implementing a service
It's analogous to spam: you offer a SPAM/virus "reduction" service,
not a spam/virus "elimination" service, without any assumption of
liability, that issue signed off by the client, only promise a "best
effort". Best defense is multi-level: network-level (server/gateway)
plus host/PC-level.
Does Firewall-1 or any firewall expert guarantee perfect intrusion
defense?? Do condom mfrs guarantee their products against breakage
and assume liabilty for pregnancy? There's really nothing new under
the sun. Look around for analogous situations.
Len
http://BIND8NT.MEIway.com: ISC BIND 8.2.2 p5 installable binary for NT4
http://IMGate.MEIway.com: Build free, hi-perf, anti-spam mail gateways
========================================================================
This list server is Powered by iMS
'The Swiss Army Knife of Mail Servers'
--------------------------------------
To leave this list please complete the form at
http://www.CoolFusion.com/iMS.htm
List archives: http://www.mail-archive.com/infusion-email%40eoscape.com/
========================================================================
