Re: pop3 antivirus check

From: Steve (securityfocus_at_delahunty.com)
Date: 09/08/03

  • Next message: Birl: "Re: One Time Password" 
    To: "Lukas Sosnovec" <lukas76cz@seznam.cz>, <security-basics@securityfocus.com>
Date: Mon, 8 Sep 2003 13:59:23 -0400

    How about telling them no since it is a security risk and note that in your
    written policy to support that reply? Although if you do tell them no you
    still have a hole when users check web-based email via HTTP. I have seen
    many firms that block access to any website with the word "mail" anywhere in
    the URL.

    As a solution if you do want to allow POP and HTTP based email for users I
    have seen good products that are border appliances checking all traffic on
    HTTP, HTTPS, SMTP, POP, IMAP etc and scanning for viruses and certain
    blocking attachment types, mime types. Symantec makes one that does this as
    do other vendors.

    ----- Original Message -----
    From: "Lukas Sosnovec" <lukas76cz@seznam.cz>
    To: <security-basics@securityfocus.com>
    Sent: Monday, September 08, 2003 5:48 AM
    Subject: pop3 antivirus check

    We restrict all outgoing traffic to http only. For incomming emails we use
    TrendMicro WirusWall on our SMTP server. Now some users in our LAN want to
    acces pop3 servers in Internet via pop3 protocol. I'm wondering if there
    exists any antivirus solution for such situation (I mean something like pop3
    AV proxy)? Any expiriences?
    Lukas

    ---------------------------------------------------------------------------
    Captus Networks
    Are you prepared for the next Sobig & Blaster?
     - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
     - Precisely Define and Implement Network Security
     - Automatically Control P2P, IM and Spam Traffic
    FIND OUT NOW - FREE Vulnerability Assessment Toolkit
    http://www.captusnetworks.com/ads/42.htm
    ----------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    Captus Networks
    Are you prepared for the next Sobig & Blaster?
     - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
     - Precisely Define and Implement Network Security
     - Automatically Control P2P, IM and Spam Traffic
    FIND OUT NOW - FREE Vulnerability Assessment Toolkit
    http://www.captusnetworks.com/ads/42.htm
    ----------------------------------------------------------------------------

  • Next message: Birl: "Re: One Time Password"

    Relevant Pages

    • RE: pop3 antivirus check
      ... TCSE: Trend Certified Security Expert ... Subject: pop3 antivirus check ... As a solution if you do want to allow POP and HTTP based email for users ... Captus Networks ...
      (Security-Basics)
    • Re: pop3 antivirus check
      ... Yes, I know it's a security problem, but I have to find a way... ... I thing I can give the users only http acces, and the web-based email could be checked by my WirusWall. ... > Captus Networks ...
      (Security-Basics)
    • WhiteHat Arsenal 1.06 Beta Released
      ... fitted with an HTTP Response Code lookup utility. ... WHArsenal the best web application security product available. ... WhiteHat Arsenal logs all HTTP Request activities in either XML or HTML ... The Session Manager keeps log files ...
      (SecProg)
    • << Small Bus Server news of the week>>
      ... The POP3 Connector service connects and logs on to the remote POP3 ... will pick up the mail that is in the Incoming Mail folder. ... A Chinese security group has released sample ... A California blood bank has retrieved a stolen ...
      (microsoft.public.backoffice.smallbiz)
    • << Small Bus Server news of the week>>
      ... The POP3 Connector service connects and logs on to the remote POP3 ... will pick up the mail that is in the Incoming Mail folder. ... A Chinese security group has released sample ... A California blood bank has retrieved a stolen ...
      (microsoft.public.backoffice.smallbiz2000)