Tom Metro wrote: > Dennis Peterson wrote: >> Gerard Seibert wrote: >>> ...I am not particularly interested in scanning outgoing mail. >> Because you don't scan outgoing mail I have to scan incoming mail >> from you. > > Is there really much practical value to outbound scanning? Isn't the > vast majority of viruses and spam sent via zombies on unfirewalled > (outbound) home networks? Even if a zombie was inside a corporate > network, how likely is it to use the SMTP relay that happens to be > configured in some mail client on the compromised machine? More > likely it'll just attempt a direct send to the target, bypassing any > filtering on your in-house relay.
Because good companies and individuals restrict outbound port 25 traffic to the MTA's, the business MTA is frequently the only path out of a site. > > For any small shop that keeps a close eye on their machines and > network traffic, I'd think the overhead of scanning every outbound > message would be a waste. Scanning outbound is simply the proper thing to do. It may be difficult or it may not. That does not change the fact that it is the right thing to do. One would think though that the smaller the shop the easier it would be to scan outbound. A small shop is quite capable of becoming infected and spewing hundreds of thousands of emails and all manner of mayhem - just like the big shops. In this business size doesn't matter. dp _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
