On Fri, 9 Apr 2004, Jeff Nelson wrote: > At 07:55 AM 4/9/2004, Josh wrote: > > >ClamAV gets my vote, in addition, reject ALL email with Windohs executable > >content at the SMTP level, including Zip files. Configuration depends on > >your MTA. There's no reason these should be attached to email messages, > >provide an online file upload/download area if people gripe. This has the > >added benefit of significantly reducing the load on your AV. Clam, as > >with other email content scanners, can take a lot of CPU. > > I don't get this reasoning. Yes, executables carry viruses. But how is it a > good idea to tell people to use a back door communication mechanism that > subverts the virus scanners? How do you ensure that the ftp dropbox doesn't > contain infected files? I have to agree with Jeff. Even if you do have an advanced user base the people they email probably aren't. Sometimes its easier to just "attach and forget" and if things are setup properly the risk is low. Yes I know you might get that ground zero virus through if you are extremely unlucky. Even if I did strip executables I'd still want to be scanning inbound and outbound messages. I suppose, one could argue that you are reducing load on the mail server. The most noticable example being some nob mailing that 30MB Power Point presentation around to half the company. However, I think most of those problems can be solved by education and (as a last resort) size restrictions. Also, assuming you have a scanner running on that file server they aren't really avoiding getting scanned, just the mail scanner. <snip> _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list