> >This falls into the "Is it a dessert topping or a floor wax"
> >category. Is it a firewall, or a virus checker? Or both?
> > ...<snip>...
You may get your desert topping and floor wax from the same store, but do
you want them out of the same box? ;-)
> The system is an NT system which will be your frontend mailhost to
> the Internet. It will accept incoming mail, detect and decode
> email attachments, run them through a PC virus checker, and if they
> pass, send the mail on to the actual mail system.
Store and forward as done by MIMEsweeper, MailGuard etc., may be
acceptable, since the latency is normally transparent to the user (unless
he's accustomed to sending himself mail to see how long it takes to
> This approach seems to strike a reasonable balance between technology
> and policy (protecting internal systems which are accidently or purposely
> mis-configured (may users turn off the virus scanners for perceived
> performance or robustness reasons in violation of policy). Running the
> virus scanner on a seperate box (if needed) can address the performance
But not eliminate them. There's still an overhead, and for protocols such
as FTP, it isn't transparent, though it performance may well be improved.
And as always, imposing protection at this level is no substitute for
comprehensive desktop protection. If users are turning this off, you still
have to either kick their butts or address their requirements with a
better comprehensive solution.
> Disclaimer: I have not used or tested the Dr. Solomon product, the
> approach just seems to be a clean one to me, albeit with one more
> system to be added to the security checklist.
It's a useful possible supplement, and Dr. Solomon's is one of the better
scanning engines. As long as no-one mistakes it for a panacea......
David Harley | alt.comp.virus FAQ
uk | & Anti-Virus Web Page
Support & Security Analyst | Folk London On-Line gig-list
Imperial Cancer Research Fund | http://webworlds.co.uk/dharley/