I think the original question must have related to POPing out for personal mail, because otherwise the normal attachment stripping would occur. Clearly if you're just popping into your regular Exchange mailbox, you're just as protected from viruses as you are accessing it any other way.
-Peter -----Original Message----- From: Erik Sojka [mailto:[EMAIL PROTECTED] Sent: Thursday, June 12, 2003 14:04 To: Exchange Discussions Subject: RE: POP = Bad? -- SMTP = Good? Allowing employees to POP personal mail? Hmmm I didn't see that in the question but it's als a bad idea... > > -----Original Message----- > From: Ed Crowley [mailto:[EMAIL PROTECTED] > Sent: Thursday, June 12, 2003 4:46 PM > To: Exchange Discussions > > I believe the question here was specifically whether to allow > internal POP > clients to pull their mail (personal, presumably) from > outside sources. To > that, I would agree it is a very poor idea to allow that. > > As to whether to allow POP usage from outside, I would also agree that > allowing it is a poor idea, but there are ways to make it not > so poor. Even > though it is primative, POP is still a protocol that is necessary for > clients running on non-Windows platforms. You can configure > Exchange 2000 > to support only POP with SSL, somewhat reducing the vulnerability, or, > better yet, allow it only through a VPN. Still, I would be > encouraging such > users to try to use IMAP instead, but it is not without its > risks as well. > > Ed Crowley MCSE+Internet MVP > Freelance E-Mail Philosopher > Protecting the world from PSTs and Bricked Backups!T > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Erik Sojka > Sent: Thursday, June 12, 2003 1:09 PM > To: Exchange Discussions > Subject: RE: POP = Bad? -- SMTP = Good? > > > Mmmm. Man hours. > > Presumably since you are posting to an Exchange list, you are running > Exchange. If you just want a POP server you have wasted your money. > > If remote access is an issue, set up OWA. If virusesiises > are an issue, run > AV software on your Exchange boxes. > > > > > -----Original Message----- > > From: Joshua R. Morgan [mailto:[EMAIL PROTECTED] > > Sent: Thursday, June 12, 2003 1:58 PM > > To: Exchange Discussions > > > > I agree with you from a Security Standpoint that POP has > > certain risks, > > but maybe a better topic for management is the additional > headache POP > > is from a support standpoint.. Imagine if you will a > > Marketing person > > gets a new machine at home, this person sets up outlook to > > download via > > POP3, instead of choosing to leave the messages on the > server they opt > > to download everything and remove (could be a simple > mistake) however > > when they come into work the next day all their email is > gone. Now you > > could restore from backup which = man-hours or you could > have the guy > > bring in his machine and copy all the data from it which = > man hours. > > However if you are running Exchange this Marketing guy could have > > accessed via OWA or VPN, or even if you were not using > Exchange VPN or > > some 3rd Party web tool.. > > > > > > In other words Pop = Bad > > > > > > Joshua > > > > > > > > > > > > > > > > Joshua Morgan > > Email: [EMAIL PROTECTED] > > > > > > -----Original Message----- > > From: Matt Plahtinsky [mailto:[EMAIL PROTECTED] > > Sent: Thursday, June 12, 2003 1:52 PM > > To: Exchange Discussions > > Subject: POP = Bad? -- SMTP = Good? > > > > > > List, > > > > This might be more appropriate for a firewall/security list but it > > involves email and I don't belong to one of those yet so > I'll post my > > question here. I'm curious as to how many of your companies allow > > internal clients to access POP mail externally. The reason > I'm asking > > is because I see POP mail as security risk. Let me explain. Our > > firewall strips all but a few attachments from our incoming SMTP > > email. With POP however attachments cannot be striped > leaving a hole > > for new virus that aren't detectable yet by our virus > software. I'm > > going to try to talk management into letting me block POP. Is > > blocking incoming > > POP something other company do? Is there some other way to secure > > incoming POP mail? > > > > Matt > > > > > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=& > > lang=english > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang=english > > To unsubscribe: mailto:[EMAIL PROTECTED] > > Exchange List admin: [EMAIL PROTECTED] > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > ext_mode=&lang > =english > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > ext_mode=&lang=english > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] ______________________________________________ This message is private or privileged. If you are not the person for whom this message is intended, please delete it and notify me immediately, and please do not copy or send this message to anyone else. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
