On Mon, 15 Jun 2009 13:49:43 -0400
Scott Grizzard <scott@scottgrizzard.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> These are all about setting up a gateway server - my problem is "what
> if you are doing end-to-end encryption, where the mail
> servers /can't/ read the email.
>
> I understand the idea of doing encryption on the gateway, but if you
> are encrypting on the local machines (using pgp for example), how do
> you do antivirus?
>
> - - Scott Grizzard
> http://www.scottgrizzard.com/
> scott@scottgrizzard.com
>
> Pete Theisen wrote:
> > Scott Grizzard wrote:
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA1
> >>
> >> I agree completely and wholeheartedly about your recommendations -
> >> Window$ is evil and vulnerable beyond compare. /Given/ /that/,
> >> can I send/receive encrypted email in a way that is still scanned
> >> by antivirus on the client's computer?
> >>
> >> In an ideal world, the recipient would be using Linux, and there
> >> would be no need, but, in an ideal world, blah blah blah.
> >>
> >> Iff I use Windows, and if I use gnupg encryption (or S/MIME),
> >> would the anti-malware on the local computer scan the
> >> message /before/ it was read, or is the anti-malware bypassed
> >> completely, leaving a giant security hole no matter what OS I am
> >> using?
> >>
> >> I have been looking all over the web for an answer, and I have
> >> found /nothing/ so far.
> >
> > Hi WScott!
> >
> > I sent you a link to the first article, the next ten of the four
> > million probably are interesting as well,
> >
> > http://www.google.com/search?hl=en&q=linux+gateway+server&aq=f&oq=&aqi=
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAko2ibUACgkQARR1QiSWUG4KPgCggv4llqsf2w74IUd9eoV952uw
> tbMAnjvj6AwLY1mK0DcxtIkPiNh7Mgb4
> =72xt
> -----END PGP SIGNATURE-----
As for infected files, they must be on disk unencrypted before a
program can open it; if the antivirus is watching the filesystem, I
would think it would catch it. You can try it out in a VM. As for the
vulnerability of the client itself, set it to open messages in text
mode.
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:14:32 EDT