Jim Maul wrote:
Perhaps, but i read it differently.
Fair enough.
But anyway, why would you want to perform additional virus scanning of
mailboxes if it is all scanned upon arrival anyway? The only reason
I could think is if virus definitions were updated after some malware
had already been accepted and you want to go back and look for it.
Exactly. And to me, this is a very good reason to do so. Many people
also scan incoming messages (during smtp) with multiple virus scanners.
Do you also ask the question, "Why scan the same message twice with 2
virus scanners?" The same principal applies here - redundant scanning
is a good idea.
Redundant scanning is good but it matters where you do it. If it is
done during the delivery process then fine but to scan through peoples'
mailboxes after delivery is a waste of resources. You would be scanning
through huge amounts of data (assuming large environment) to maybe catch
something that represents much less then 1% of your total volume.
In an environment where there are tens to hundreds of millions of stored
messages this is almost an impossibility. Not just due to implementation
but because of cost.
Steve
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
