[Esa-l] Outgoing Mail

Lee Howard faxguy at deanox.com
Mon Aug 13 16:50:59 PDT 2001


At 04:50 PM 8/13/01 -0500, Floyd Pierce wrote:
>-----Original Message-----
>From: Lee Howard [mailto:faxguy at deanox.com]

>>And if we cannot assume that our users are clean, then wouldn't it be
>>better to nip the problem in the bud rather than somewhere downstream?
>
>Good idea. How?

Any desktop system with any internet connectivity should be running and
updating antivirus software.  True, that doesn't give us 100% certainty
against being infected because we may get infected via downloads or webmail
(for example) before the signature is added to the definitions, but it's
pretty darn close.

To utilize an outbound mail filter in lieu of an antivirus program running
on the desktop is absurd.  And, my orignial comments were to say that IMHO
to run an outbound mail filter in addition to an antivirus program running
on the desktop is obsessive and wasteful in exchange for the very small
degree of added security it gives us.

Filtering incoming mail is a whole different issue, yet there's still a
small degree of insecurity, because an attachment may arrive, not being
poisoned, the recipient may defang it and may still get infected.

I seem to get the impression that people believe this degree of insecurity
to be less than the insecurity posed by very new viruses in webmail or
wherever.  Filtering outgoing mail is not so much wrong as it is wastefully
guarding users against their own stupidity.

Lee.



More information about the esd-l mailing list