Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 6251 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

End Point Sec and Protection - Email / pop3 protection?

Buddy

We've moved from KAV Business Space Security to EPSC 9.7 deployed via EC 4.7.

As a test i've received several eicar laced emails and all came through ok to the EPSC clients and it wasn't until we saved then executed the files (.com .exe) that an alert came up.  On the KAV clients the emails were removed from Outlook and replaced with a virus found message, even on the odd client we have with Avast we were denied access to the virus emails.

I've searched and searched within the EC polices in relation to email / pop3 (Outlook clients) protection and can find nothing to configure for email protection.  Am i missing something?

Thanks.

:13221


This thread was automatically locked due to age.
Parents
  • 0

    Ok, I'll try again. If the payload is in some way "unscannable" - like a password protected zip file - it will get through (or otherwise such content would never be delivered). Thus it has to be scanned again anyway when opened (unless the information about the scan during transfer is kept somewhere - where would that be?). Furthermore decoding and extracting during transfer significantly delays the download and could also lead to timeouts. Still - as noted above - it wouldn't catch all threats and "just in time" scanning couldn't be waived.

    Actually this kind of scan should be performed by the gateway, IMO POP3 scanning is overrated and a relic.

    now they are left to open those attachments at their leisure

    Only if they'd forward it somewhere else where no AV is installed as already noted.

    Christian

    :13571
Reply
  • 0

    Ok, I'll try again. If the payload is in some way "unscannable" - like a password protected zip file - it will get through (or otherwise such content would never be delivered). Thus it has to be scanned again anyway when opened (unless the information about the scan during transfer is kept somewhere - where would that be?). Furthermore decoding and extracting during transfer significantly delays the download and could also lead to timeouts. Still - as noted above - it wouldn't catch all threats and "just in time" scanning couldn't be waived.

    Actually this kind of scan should be performed by the gateway, IMO POP3 scanning is overrated and a relic.

    now they are left to open those attachments at their leisure

    Only if they'd forward it somewhere else where no AV is installed as already noted.

    Christian

    :13571
Children
No Data
Unfiltered HTML