Dennis Peterson wrote: > Gerard Seibert wrote: >> ...I am not particularly interested in scanning outgoing mail. > > Because you don't scan outgoing mail I have to scan incoming mail from > you.
Is there really much practical value to outbound scanning? Isn't the vast majority of viruses and spam sent via zombies on unfirewalled (outbound) home networks? Even if a zombie was inside a corporate network, how likely is it to use the SMTP relay that happens to be configured in some mail client on the compromised machine? More likely it'll just attempt a direct send to the target, bypassing any filtering on your in-house relay. I'd think you'd get far greater benefit by practicing some form of egress filtering at the firewall, like rejecting all outbound connections with a port 25 destination except from the mail relay (or proxy) inside the firewall. For any small shop that keeps a close eye on their machines and network traffic, I'd think the overhead of scanning every outbound message would be a waste. -Tom -- Tom Metro Venture Logic, Newton, MA, USA "Enterprise solutions through open source." Professional Profile: http://tmetro.venturelogic.com/ _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
