On 02/24/2010 11:40 PM, Jason Brower wrote: > (: I let this conversation sit over night and this happens. :P > Thanks for the lively conversation. It seems then, that my ISP is doing > this some how. I don't have any amavisd.conf and don't have what ever > that is, installed. That's where google keeps pointing me is to change > that conf file to change. > So, with deduction, I think it's my local ISP who wants to read my > encrypted zips and as a result is really scaring the bagpipers out of my > clients. > Thanks guys and BR, > Jason Brower > > On Wed, 2010-02-24 at 10:20 -0700, Jim Preston wrote: >>> >>>> Steven Stern wrote: >>>>> Checking outgoing mail is pointless. Why bother? >>>> >>>> So you can reduce malware propagation? (And as a result, maybe not >>>> end up on everyone's local blacklist for spewing garbage...) >>> >>> It is still pointless and a waste of processing power. >> >> Yes this exactly the way zombie bot masters want you to feel. That way >> you can contribute to the spread of malware :^) >> >>> >>>>> If I were mailing malware, I'd be sure to mark that it had been >>>>> scanned, approved, and was safe to open. >>>> >>>> *nod* I won't trust third-party headers claiming mail is safe or >>>> non-spam... I *will* happily trust third-party headers that say it's >>>> malicious or spam. >>> >>> Again, pointless. I do not believe that there is any industrial >>> standard or RFC that specifically states how to insert a header that >>> that marks an e-mail as infected. Then you would have to consider, was >>> it SPAM, a Trojan or something else and was it discovered via some >>> heuristic examination of the document. You could probably craft a >>> whole >>> set of filters to exam the e-mail headers, etc, but why bother. Simply >>> employing your own AV software is a lot simpler, and probably more >>> reliable. >> >> Of course, I do think anyone feels that trusting an email that states >> it is safe is an alternative to scanning by the receiver. >>
If you're sending mail directly from your client to Google's SMTP servers, your ISP isn't touching it as the connection to Google is encrypted. What are you using for an SMTP server? For example, I'm typing this in Thunderbird and the smtp server for this account is smtp.gmail.com, not my local server or comcast. -- -- Steve _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
