[SLUG] Antivirus and Email Encryption - both Linux and... that other OS

From: Scott Grizzard (scott@scottgrizzard.com)
Date: Sun Jun 14 2009 - 19:19:01 EDT

Next message: Pete Theisen: "Re: [SLUG] Antivirus and Email Encryption - both Linux and... that other OS"
Previous message: Eben King: "Re: [SLUG] gnuplot"
Next in thread: Pete Theisen: "Re: [SLUG] Antivirus and Email Encryption - both Linux and... that other OS"
Reply: Pete Theisen: "Re: [SLUG] Antivirus and Email Encryption - both Linux and... that other OS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Sluggers,

I am being forced to use "that other OS" in a project, and I had a
question about email malware protection. Now that I think about it, I
think it applies to Linux too, especially if you are using Mozilla.

Obviously, if you are encrypting your email (with either gnupg or
S/MIME), the anti-malware on your mail server (and gateway firewall, and
gateway mail-server, all running different vendor's products) is
completely useless, since these applications can't peer into an
encrypted email just as everyone else can't.

My question is, "when does the /client's/ anti-malware check incoming
emails, before or after decryption by the mail client?

I would assume, since Outlook supports S/MIME out of the box, that virus
scanners that integrate with Outlook would look as soon as the email was
decrypted, before the user interacted with it... but I can't see the
source code to make sure. GPG4Win is not natively supported, so who
knows if it checks at all?

Ditto with Thunderbird... when does it check? With Thunderbird, I am
especially worried about people sending infected /files/, not embedded
macros. If someone gets an infected /document/ in the mail, they may
open it (or put it on a server) /before/ it is scanned.

Any ideas?

I did a Google search, but did not find an answer to this question, and
I think it is worth asking.

- - Scott Grizzard
http://www.scottgrizzard.com/
scott@scottgrizzard.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAko1hWAACgkQARR1QiSWUG7hwgCfcuLUH4+C0GTAenfgrEY/rWNf
MBAAn3KMnDI213r8Vch1xk3VwLtYf5Fz
=gE54
-----END PGP SIGNATURE-----

-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.

Next message: Pete Theisen: "Re: [SLUG] Antivirus and Email Encryption - both Linux and... that other OS"
Previous message: Eben King: "Re: [SLUG] gnuplot"
Next in thread: Pete Theisen: "Re: [SLUG] Antivirus and Email Encryption - both Linux and... that other OS"
Reply: Pete Theisen: "Re: [SLUG] Antivirus and Email Encryption - both Linux and... that other OS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:13:37 EDT