Outgoing E-Mail Scanning?

Discussion in 'other anti-virus software' started by Mannaggia, Nov 29, 2004.

Thread Status:
Not open for further replies.
  1. Mannaggia

    Mannaggia Registered Member

    Joined:
    Aug 14, 2003
    Posts:
    234
    Location:
    Northern California
    I need opinions. Is it a added plus for an antivirus to have outgoing e-mail scanning? Should outgoing e-mail scanning be high, medium, low on the list when shopping for an antivirus product? Would you consider outgoing e-mail scanning to be that little extra security blanket?
     
  2. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Well the most important is inbound checking since majority of worms come from outer source. Yes,outbound scanning is a major plus IMO.
    This way you can be at least 90% sure that you're not the source of infection.
    avast! Antivirus for example even checks mail sending frequency and warns you if its exceeded (this is usually caused by mass mailing worms).
    It also checks all outbound mail with signatures and special mail heuristics.
    I think no other antivirus use mail structure and attachement structure checking methods.

    These antiviruses also check outbound mail (i'm sure because i tested them thoroughly):
    Norton,avast! and Pc-cillin
     
  3. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    I don't use the Outgoing scanning because I don't think that is necessary, and save some resources and speed...

    Normally, when you sent an email with virus, the active scanner should detect it, and block it, like happens in NOD32...
     
  4. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Well not exactly. Resident Shield (and many other antiviruses) do not handle archives in real-time. But mail scanner does (it checks all known archives).
    So here is difference. Or if you just forward some attachement which is inside archive.
     
  5. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    I know that, but I know if the files or archives that I use, are or not infected, so...
     
  6. nod32_9

    nod32_9 Guest

    Don't use outbound scanning cause I need SPEED (56K line). If an email looks suspicious in my INBOX, then I will do a detailed manual scan.
     
  7. Mannaggia

    Mannaggia Registered Member

    Joined:
    Aug 14, 2003
    Posts:
    234
    Location:
    Northern California
    I think I'm leaning towards the an AV with outgoing e-mail scanning. Makes me feel a little more secure.[​IMG]
     
  8. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    The way I look at it is this:

    As I compose the e-mail, I'm secure knowing my system has been scanned with a regular on-demand scan once a week, and all incoming internet/e-mail traffic is scanned by IMON between manual scans.

    If NOD hasn't caught anything on the system up to that point, it's pointless (IMO) to trot another scan out to "really, really, cross-my-heart-hope to-die-hereby-certify" that my e-mail, is--in fact--clean.

    ;)
     
  9. Graystoke

    Graystoke Registered Member

    Joined:
    Aug 15, 2003
    Posts:
    1,502
    Location:
    The San Joaquin Valley, California

    You have a great way with words. :D :D I do agree with you.
     
  10. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    But in avast! case its not the same. Mail heuristics are totally different than normal Win32 heuristics. They check mail structure,attachement structure,outbound mail sending frequency and other things that were never ever checked by any Real-Time scan part.
     
Loading...
Thread Status:
Not open for further replies.