Matt Fretwell said: > Dennis Peterson wrote: > >> >>> as it is harder to scan those messages for viruses >> >> >> >> Nonsense. Mail is mail. If you are running a mailserver, it should >> >be> able to cope with all types of mail, irrelevant of >> >> (creation|submission) >> >> method. >> > >> > But...if they're using webmail, it bypasses your mail server. It >> > would entirely depend on how "up to date" the webmail company's >> > scanner is and the virus scanner on your user's desktop is...unless >> > you're using a web proxy with malware scanner. >> >> My webmail is configured to use our standard smtp servers for all >> inbound/outbound mail. It really isn't all that difficult. > > > Exactly. Whatever numpty would have a web based application sending mail > directly, bypassing your smtp, (note the smtp, and not http), servers, > deserves everything they get. That is an irresponsible laziness of design > and implementation. MTA's were designed for a specific reason, to transfer > mail. You would not ask an MTA to serve a webpage. Why should a webserver > be exempt from this type of designed for implementation? >
The conversation, I learned, regards external webmail sites such as hotmail which does change the rules. They permit the attachments to land on the user's local system rather than holding them on the remote system. It's a real problem, security wise, and I don't have a problem with policies against using them. But then I don't care for any of the MSFT services. dp _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
