Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 1 subscriber
  • Views 10926 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

End point anti-virus email alerts - SMTP Authentication

ChrisH

Hey guys,

I'm being told from my hosting provider that there is no way to get our Sophos virus killer to use SMTP authentication to send virus alerts.  They are insisting that we install an SMTP server into our web-server group, which I am not happy to do.

While I wouldn't want to question my hosting provider, and I appreciate there are ways around this with firewalls etc, I am stunned that Sophos would promote spam in such a way as to demand an SMTP server which is not completely locked down with SMTP auth be avaliable.

Is there any way to enable this feature?  Or do I have to bite the bullet and make an SMTP server without auth avaliable?

Many Thanks,

CH.

:22699


This thread was automatically locked due to age.
Parents
  • 0
    Hello CH,

    the question I did not ask before is, why is email alerting important?
    Apart from this I must be missing something here. But maybe I have an incorrect concept of your network and setup in mind. An S (or s, be it a prefix, suffix or attached with some special character) does not necessarily mean more security. V.v. supporting unsecured protocols is not necessarily an increased risk.
    Auditors - OTOH - are ;-). We've laxed one rule because the auditors (from a reputable, big, global company) could not be convinced that they (and/or their software) got the relational operator wrong for one of the security parameters they were checking. After three years we gave up and set it so the sw no longer complained.

    Still I don't get it how the different requirements are weighed in and how the pros, cons and risks are assessed. How strict is the security on the clients, for example?

    Christian
    :22723
Reply
  • 0
    Hello CH,

    the question I did not ask before is, why is email alerting important?
    Apart from this I must be missing something here. But maybe I have an incorrect concept of your network and setup in mind. An S (or s, be it a prefix, suffix or attached with some special character) does not necessarily mean more security. V.v. supporting unsecured protocols is not necessarily an increased risk.
    Auditors - OTOH - are ;-). We've laxed one rule because the auditors (from a reputable, big, global company) could not be convinced that they (and/or their software) got the relational operator wrong for one of the security parameters they were checking. After three years we gave up and set it so the sw no longer complained.

    Still I don't get it how the different requirements are weighed in and how the pros, cons and risks are assessed. How strict is the security on the clients, for example?

    Christian
    :22723
Children
No Data
Unfiltered HTML