At 11:00 AM 2/6/2003, John Rudd wrote:
Certainly scanning for viruses on the server is a good idea. We do it ourselves. However, it is unacceptable for an ISP to tell customers not to run AV products because the server they use for their email runs a scan. The issues are:> From: Daniel Senie <[EMAIL PROTECTED]> > > Products which wish to filter spam or viruses > REALLY should be built to "plug in" to mail clients via APIs.I disagree. The propper place to do spam and virus scanning is on the server. Sure, if you want user's to feel some form of warm fuzzy, they should have the option to run it on the client (and once there, your method might be right). But the best place to put it is on the server. For one, it means that the client hasn't wasted bandwidth downloading what may be huge amounts of bad data.
1. Liability: We tell our clients that while we scan for and delete virus laden email, we do not guarantee that it will be 100% effective. We recommend they run their own antivirus as well.
2. Diversity: We've often seen the server-based product we use lag the desktop products (different brands) in having updated virus definitions.
In a university or corporate setting, #1 may not be an issue of course.