On May 5, 2005, at 10:45 AM, Matt Fretwell wrote:
Bart Silverstrim wrote:
My webmail is configured to use our standard smtp servers for all inbound/outbound mail. It really isn't all that difficult.
My understanding was that we were talking about people accessing Yahoo
or Hotmail from work, not your own internal mail servers with a grafted
webmail interface.
Actually it was Nigel, I believe, who suggested using a webmail system to
one poster. It was not regarding explicit webmail servers, rather, just
generic examples were given.
Dennis was merely pointing out how one of those systems should be setup
correctly. It is not a mailserver with a 'grafted' interface. It is a
webmail system that correctly submits mail in a safe and secure fashion,
to a MTA, in a way good systems should be designed.
My understanding is that it sounded like the original discussion was someone with the idea of "phil in HR is reading his email from yahoo, I have no control over yahoo, and phil downloaded a virus from their email service before they had their AV set up to catch it" (purely made up example). Someone else is chiming in with the understanding that phil is reading email from the in-house mail server using the in-house web interface front-end, and got a virus because we don't do antivirus on the web server handling the mail content for in-house mail. This is actually two separate scenarios.
To which someone replied that in a *PROPER* network that is *well managed* this isn't a worry because we block all external mail hosts and use a proxy for web traffic that tests content going over it for malware, in addition to virus scanning desktops and servers and <misc. that I'm probably forgetting but whose tone seemed to suggest that everyone who doesn't lock down everything as tight as a snare drum head is incompetent at their job as network techs>, to which in my head I dreamed a few moments about what it would be like to be a true BOFH on our network and have the power...political power...to get away with locking people out of their favorite web sites despite outranking me in the org chart and what it would be like to not have to deal with the politics of XYZ not being able to get their content completely rendered because of some glitch of interaction between the proxy and scanner and the website they're trying to get forms from. Ahhh to dream a little dream!
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html