Re: Trendmicro Viruswall Linux POP scanning

From: Gianluca (gluca_76@yahoo.com)
Date: 02/26/02 

From: gluca_76@yahoo.com (Gianluca)
Date: 26 Feb 2002 02:31:34 -0800

I know that the ideal solution is to implement e-mail traffic using a
internal mail server , unfortunately the real life is not ideal and
then also the dirty job must be done ;-)
However I've this kind of problem because I propose a security
solution also for small-business company who has very simple LAN and
,aboveall, not a considerable budget....

Please Jason, Have you some suggestion how to pratically realize your
solution using only a Linux Box ? Which pop client for linux do you
prefer ?( With secuirty in mind obviously )

Thanks for any comment
Bye
Gianluca
gluca_76@yahoo.com

"JM" <jmurdock@itraktech.com> wrote in message news:<omRd8.21253$2v1.737467@e3500-atl1.usenetserver.com>...
> "Wolfgang Kueter" <wolfgang@shconnect.de> wrote in message
> news:a57stv$vur$1@news.shlink.de...
> > JM wrote:
>
> > > If it is scanned the incoming SMTP, before delivery to the mailbox,
> > > why would you need to scan it during the POP download?
> >
> > That is the right question to ask. The only reason I can imagine are
> > connections to external POP3 servers that run no scanner. However such
> > connections should actually not be allowed and therefore should be
> > blocked by the firewall rules if one runs an own smtp server that
> > offers a scanner for incoming mail.
> >
> > > I know of nothing that does this. The closest thing would be the
> > > desktop scanners that proxy the POP session.
> >
> > Could offer a little help. Blocking POP3 connections to external
> > servers is the better way.
> >
> Agreed. I hate the desktop POP scanners anyway, they cause too many
> support headaches, adding an extra layer of configuration at the user level.
>
> Most of the time there is a web mail interface to the needed source, which
> then hopefully gets caught by the http scanner. But even then, if it's an
> ssl connection, it can't be scanned.
>
> Any corporate solution where web access is allowed must have at it's heart
> reliable, up to date desktop scanning and rational access controls at it's
> core. SMTP as the primary method of infection also needs to be addressed.
> Everything else offers only minimally incremental protection.
>
> Jerry

Relevant Pages

  • Re: SBS 2003 IIS BASED SERVICES FAIL INTERMITTENTLY
    ... If I read your post correctly, you have a switch where the SBS ... Run DHCP server on your SBS, and set all client machine nics to dynamic. ... Once you have your nics configured, run the Connect to the Internet wizard, ... QUESTION1 - what is REFUSING CONNECTIONS? ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS Exchange 2003: too many "Current Sessions" opened
    ... So far everything is good and now I'm just monitoring my exchange. ... get the SMTP service to stop hanging in the first place. ... won't have dead connections. ... work for now until I put into production new server hardware with sbs 2003 ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS Exchange 2003: too many "Current Sessions" opened
    ... You really should go through the steps I posted and get the SMTP service to stop hanging in the first place. ... You'll be happier, you won't be clubbing your server every day with a kill script, and you won't have dead connections. ... You do *not* need to restart the server, ...
    (microsoft.public.windows.server.sbs)
  • RE: Remote access problem
    ... CEICW setting RWW is OK. ... I clicked "Connect to server desktops" and got the screen with all the ... Remote connections ... > Internet Connection wizard' to configure the server networking settings? ...
    (microsoft.public.windows.server.sbs)
  • Re: Reducing load for LAMP app?
    ... MySQL: as much as possible, he keeps query results in RAM, but ... His hoster says that Apache server is under significant load. ... Using apc is pretty much transparent, but memcached will require modifying your database abstraction layer using the memcached functions. ... With persistent connections, you must have the maximum number of connections *ever* required allocated *all of the time* - even if no one is using your server. ...
    (comp.lang.php)