-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <[EMAIL PROTECTED]">mid:[EMAIL PROTECTED]>, Jan Rifkinson [JR] wrote:
ACM>> [...] I've tried the plugin and all it really does is ACM>> alert you that a message is infected, providing you ACM>> with the message sender and subject. TB! continues to ACM>> download the message and place it in the inbox or ACM>> respective folder a filter places it. You will then ACM>> have to find the message and delete it or whatever. JR> I don't get it. Why is this a good thing then? My sentiments exactly. You'll see my further comment on this in another message. The exercise seems hopelessly redundant if that is all that is done. May as well just leave the infected attachment there for Amon (NOD32's real-time system monitor) to detect it. JR> I must be missing something but I would want the diseased msg JR> deleted or at a minimum quarantined. I thought I was missing something while having that discussion with Clive, but it turns out that he doesn't use the NOD32 POP3 scanner so I don't know if he realises that it doesn't delete anything and only notifies the user. As far as I can see, it can't be made to delete anything either. JR> You see, Allie, I've downloaded NOD32 & am considering it vs JR> PC-cillin but following these either/or threads is leaving me w JR> lots of questions about how NOD32 works with TB!, the TB plug in, JR> etc. PC-Cillin doesn't offer any more advantages than NOD32 where working with TB! is concerned, though it handles infected messages differently. I hope Thomas is reading this and will tell us exactly what the current PC-Cillin's POP3 scanner does. I think it prevents download of the offending message and then you have to go to the server to delete it or download it from there for inspection in case it's a false positive. False positives are real. I just sent a message to list this morning that was initially rejected by the listserv as a message carrying the eicar virus. <g> There's a plugin available for NOD32 that works well for incoming messages. I've tested it and it works. When it detects an infected message it can be configured to do one of the following: - - Move the message to a quarantine folder (a TB! folder is created here) - - Delete the message. - - Strip infected attachments. - - Clean the infected part - - Forward the message to self (I don't get this one) You can also choose to send a notification message to the originating address. JR> Reading their material would lead one to think that NOD32 was JR> consistently the best antivirus software out there [something I JR> would want] but from this list I'm getting very mixed signals. I don't know if it's the best one. I'm not really saying that it's the best. I don't know if any it's users here is saying so. It's one of the better ones out there though at detecting infected files which is the bottom line. POP3 scanners is just ancillary. A wonderful POP3 scanner or plugin is no good if the virus detection engine doesn't detect the viruses. :-) - -- -=Allie C Martin=- List Moderator | TB! v1.60q | Windows XP Pro PGP/GPG Public Key: mailto:[EMAIL PROTECTED]?Subject=2B0717E2 _________________________________________________________________ -----BEGIN PGP SIGNATURE----- iD8DBQE9B7l2V8nrYCsHF+IRAlaIAJwNsKXzmjIghtbNAWUF/rCACmAemgCePxBV qUqyn/U2bleJjUOWaYnzQ8A= =TIMX -----END PGP SIGNATURE----- ________________________________________________________ Current Ver: 1.60q FAQ : http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://bt.ritlabs.com
