From owner-freebsd-chat@FreeBSD.ORG Thu Jun 12 19:31:21 2003 Return-Path: Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 38BDB37B401 for ; Thu, 12 Jun 2003 19:31:21 -0700 (PDT) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3CEE643FBD for ; Thu, 12 Jun 2003 19:31:20 -0700 (PDT) (envelope-from brad.knowles@skynet.be) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.6p2/8.12.3) with ESMTP id h5D2VFtS076486; Thu, 12 Jun 2003 22:31:16 -0400 (EDT) (envelope-from brad.knowles@skynet.be) Mime-Version: 1.0 X-Sender: bs663385@pop.skynet.be Message-Id: In-Reply-To: <3EE933E1.9080503@potentialtech.com> References: <5.2.1.1.2.20030612202321.02e28008@194.184.65.4> <20030612193524.GA31199@grumpy.dyndns.org> <3EE8DB83.4040609@potentialtech.com> <200306122006.55906.dkelly@HiWAAY.net> <3EE933E1.9080503@potentialtech.com> Date: Fri, 13 Jun 2003 04:31:19 +0200 To: Bill Moran From: Brad Knowles Content-Type: text/plain; charset="us-ascii" ; format="flowed" cc: chat@FreeBSD.org Subject: Re: Antivirus for (mailservers on) FreeBSD X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jun 2003 02:31:21 -0000 At 10:16 PM -0400 2003/06/12, Bill Moran wrote: > Additionally, you want to scan ALL emails for malware, so if something > sneaks in off a floppy or something it doesn't run rampant throughout > the company email system, True. > while scanning outgoing emails for spam is > simply a waste of CPU cycles. False. You can be held liable (including criminal liability) if you could have reasonably prevented something like this, and chose not to. Moreover, the damage to your reputation for being known as someone infecting other people with viruses/worms/Trojan Horses/etc... could be incalculable. What is different about outgoing vs. incoming e-mail, with respect to viruses, is that you always want to inform the internal person that a message with a suspected virus was found, and you may (or may not) want to inform the outside people. In one case, the insiders are the recipients, in the other case, they are the sender(s). Also, if you catch all outbound e-mail, then you stop virus floods before they start (assuming they're recognized). -- Brad Knowles, "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)