RE: Recomendations on gateway antivirus
- From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
- To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
- Date: Thu, 4 Mar 2004 16:14:43 -0800
Responding to 2 different posts by the same person:
> John, see my post re eScan & MailScan - they do! Try it for yourself
> www.mwti.net . What can I say, I have not seen any infection on any of
> my clients since we started using eScan over 2 years back. I am now
> beginng to miss my virus cleanups :(
> "But, we are proud to share with you the fact that users of the recently
> released MailScan 4.2 and eScan 2003 'e' edition, will all be protected
> against such scums. This is primarily because both these products
> email-scanning engine has a feature to look inside a ZIP file
> (irrespective of whether it is password-protected or not) and then
> removing this ZIP file itself if it is found to be having a dangerous
> attachment. So, if you wondered how come you never received such worm
> infected mails, you now know the reason for the same :-)"
My statement stands. They admit (without saying it) that even they can not
catch a virus such as Bagle.J inside of an encrypted zip file. All they are
doing is banning the fact that there is an executable file within the zip.
The software I use does that as well very nicely.
To reiterate, there is yet no Anti-Virus scanning engine that can find and
identify a virus such as Bagle.J inside of an encrypted zip file.
BTW, striping an e-mail of an "harmful" attachment and then sending is not
the recommended course of action.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
Other related posts:
