Outgoing Email Scan?

Hi! Everyone,

I am fairly new to NOD (registered v2.12.3). Also, I have winxp sp2 and Outpost Firewall...along with several other security layers.

I am familiar with the debate about the pros/cons of scanning outgoing email. Nevertheless, I have a couple questions:

1.) Does AMON, in a sense, scan outgoing email as I have read elsewhere (not on this forum I think)...or is it DMON that does that?

2.) Is there an outgoing email scan plugin?

3.) A google result for the Eset website states there is an outgoing email scan...but when I go to the site I can't find anything specific though it does mention somewhere (for which version I am not sure)
under Features (I believe) that it scans smtp and POP3. Am I missing something?

Thanks!!!
snowfire

 

Hi snowfire,

1. Yes, AMON scan the files when you sent an email. DMON is a Document MONitor, AV support for MS Office.

2. No

3. IMON only scans incoming mail via POP3. EMON scans incoming mail via MAPI.

Regards

 

Thanks!


"1. Yes, AMON scan the files when you sent an email. DMON is a Document MONitor, AV support for MS Office."

So...does that mean that I can honestly and realistically say at the end of my outgoing emails that the were scanned by NOD32?

Thanks Again,
snowfire

 

Yes you may

 

...Why, Thank-You Very Much!!

Bye,
snowfire

 

lol . No problem . Hope that helped . Take care and enjoy NOD

 

With EMON, outgoing email can be scanned also.

However, if AMON or NOD32 scanner doesn't find anything, there would be no sense in scanning outgoing email as it would not discover another virus not detected by AMON previously.

 

There is something not quite right about this logic. I just can't put my finger on it.

Neil

 

Don't you think it's logical that if the on-demand scanner doesn't find anything there's no chance a mail checker could discover a threat in outgoing email?

 

I suspect, like me, Gauthreau finds that perfectly logical.

That being the case though Marcos, what is the point of implementing a separate outgoing email scanner?

 

One possible answer is that a few of the majors do so and Eset are continually asked for it. And with newbies to Nod32 it will give peace of mind...

Cheers

 

The thing is that with AMON enabled, there's no chance you could attach an infected file to an email.

 

I understand that, the however is, this being the case why are Eset making a module that does scan outbound? To which my answer applies

Cheers

 

I use an email client called Thebat. This program allows some anti-virus programs to scan incoming and out going mail by using plugins. I use a nod32 plug-in myself.

 

because it's possible to disable amon?

 

And , BlackSpear , you are correct . I am not a newbie but , a MAJOR gripe I have with alot of AV programs is they do not put a footnote in incoming and outgoing email . Means nothing to you I guess but , it is SUPER nice to have . I am comforted with that . I still run a full scan but , not as often as if I did not have the foot note to tell me it has been scanned . Some people , like me , depend on this part . It keeps me feeling comfortable . Knowing I do not have to go into NOD ans run a scan to make sure all is well . To me , the scan is more of a backup for me as the real time protection and informing me that emails have been scanned is the best medicine . A fact is a fact . The fact is , prevention is much better than having to find it after the fact . I say to NOD , keep it ! Do not change . Again , I fully agree with BS , ( nice initials ....lol ) , but , I am not a novice and love the simplicity in this program .

 

AMEN .

 

Well, you can already configure NOD to append a note to incoming emails - either all of them, infected only, or none, which I would agree is useful. But I still can't see the point of appending a message to outgoing email. To me, such messages are nothing but an irritation.

Turning the situation around, do you trust such a message appended by the sender on emails you receive sufficiently to trust that the mail is not infected? I certainly don't, as I receive some from people whose AV solution is obviously not up to date (as evidenced by the message itself) and I've even received infected emails that deliberately have a bogus message appended purporting to have been scanned by some AV or other and declared virus free. The only message I would consider trusting to even the slightest extent is the one appended by my AV, on my machine, on receipt.

And if you don't trust such messages on emails you receive (and IMO you'd be wise not to) doesn't that render the whole point of them rather meaningless?

 

Another reason to have a module that can scan outgoing email is that the settings for it can be customized.

For example, the default AMON settings don't scan in ZIP files. However, that makes it possible that I could send a ZIP file to someone that has malware inside, undected by NOD32, because it wasn't scanned. A special outgoing-email module could be configured to scan all attachments and messages.

[Please, no one tell me to configure AMON to scan all files; that would be missing the point by a wide margin.]

 

Here we go . I already know how NOD works . I have it remember ? And glad you think it is an irritation . Seeing as how you do not see it scan outgoing . Ok . This is so stupid it is actually funny . You do not like the footer on incoming/outgoing mail ? That is pointless . It is a nice thing that has been added . To the people that do not care for it , get a life . I personally like it and do not see the point in removing something like this since it is already in the program . It causes no harm and some people might like it . If you are irritated by a foot note showing it has scanned an email , I have to wonder how life must be for you . If I did not like that part , I do not think irritation would come to mind . And you do not trust that footer when you get emails . Ok . It is still nice to have . I am not an idiot and send viruses . Sooooo , I feel proud to have that at the bottom of mine going out to friends . I do not trust anything incoming anyway . Ever heard of layered security ? Just another FREE layer telling you that it has been scanned . Need we argue over something nice . Oh yea . You do not look at it as nice . You see it as an irritation . Again , maybe another AV might suite you better .

 

I Double That and Triple This and that!!

This Bud is for you hollywoodpc

Cheers,

dagolag

 

How does a tag at the bottom of sent email messages equate to prevention?

 

It verifies that a check has been done, just as a "No viruses found" at the end of a system scan does. It verifies this for the sender and to some extent for receiver, so that both know the mail has been checked. Thus it provides information as to how the security of the email process is working.

Since it would be very simple to implement, why not include it as an option that users can deploy or not? I would like my email recipients to be explicitly informed that I had taken the care and courtesy of having incoming/outgoing emails checked.

I use Barca client & NOD32 apparently doesn't do an outgoing check ofr this client. I wish it did, even if the philosophy is that it unnecessary. Surely much "layered defence" could be described as "unnecessary" - but the point is that the layers provide failsafe security. My final point is that the impression od security is surely an important part of the totality of security. So I reckon: make the outgoing scans and the email tags an option.

 

But those messages don't "prevent" anything. They may provide you feedback, but they don't in and of themselves provide any sort of preventative measure.

I have my wife send me an email every day when she gets to work. This tells me that she's OK. But it's her safe driving that gets her there every day; the email is just feedback.

I was just trying to understand the thinking behind the desire to have a message on outgoing emails. Basically, it just provides a warm fuzzy. That's fine, but come right out and say "I want a warm fuzzy"; don't try selling it to us as if it's an actual layer of security.