AVG and Pegasus (or is it Outlook?)

Topic

New Reply

One of AVGs “features” is that it stamps a footer on the incoming and outgoing emails “certified by AVG, etc”. At home, I use Pegasus as my email client. Since installing the new AVG Free, if I send a Word attachment to my work account, when I open the email in Outlook 2002 the attachment appears as a block of uuencode text. Switch the stamp off and it comes through OK. (The stamp was quite separate from the coded block which had an “END”).

If I try the same thing from home with the Opera email client it will get through to Outlook successfully with or without the stamp. And even curiouser, if I forwarded the duff email to another account and picked it up with my iPaq then PocketOutlook would successfully decode!!

But (to quote Bill Cosby) “I told you that story to tell you this story”. What do folk think of email scanning? Is it necessary? Given I am using an email client that isn’t vulnerable to problems in the email body that leaves only attachments. And attachments should be captured by the resident scanner if one is foolish enough to open them.

Reply | Quote

Replies

“using an email client that isn’t vulnerable to problems”
Are you sure, I will trust NO supplier until there is a track record.
Also bet that you think that the MAC and Linux is safe from infection.

DaveA I am so far behind, I think I am First
Genealogy....confusing the dead and annoying the living

Reply | Quote

[indent]

---

“using an email client that isn’t vulnerable to problems”
Are you sure, I will trust NO supplier until there is a track record.

---

[/indent]
Perhaps I should have said “known problems such as those that infest MS products” (And Peg’s been around since 1990 BTW)
[indent]

---

Also bet that you think that the MAC and Linux is safe from infection

---

[/indent]
No sir!

Reply | Quote

First – no email client is invulnerable to problems and that includes Pegasus. True it is less susceptible since it does not do script – but there have certainly been viruses written specifically to use Pegasus for propagation. Of course, Pegasus does handle attachments. It is just a much smaller target and therefore “no fun” for the bad guys to concentrate on. But note if it becomes more popular, it too will be a target, just as Mozilla Firefox is.

IF all incoming email is scanned, and you maintain your system with current anti-virus signatures and perform frequent system scans, and perform all other necessary steps involved in “safe computing”, then I too agree that outgoing scanning is unnecessary and I have turned mine off. But I note that I am very conscious about what I am sending out – especially attachments. As an IT “professional” it would be embarrassing if I sent along an infected email – certainly my colleagues would let me know about it unmercifully!

Bill (AFE7Ret)
Freedom isn't free!

Reply | Quote

I used to work for a company that has a large PC manufacturer as a client. Their marketing people sent us emails with viruses all the time.

Reply | Quote

I used to work for a company that has a large PC manufacturer as a client. Their marketing people sent us emails with viruses all the time.

Reply | Quote

Perhaps I should explained my casual attitude by having added that my ISP uses the Brightmail (any relation? ) virus/spam filtering service. So I don’t actually see any viruses (touch wood) as they are caught on the server.

Reply | Quote

Charlotte – then obviously they did not adhere to my IF statement above!

Keith – no relation – that I know of. Don’t be too confident that all viruses will be caught on the server as not all viruses come from emails – and BrightMail, as it’s name inplies, is an EMail scanner. You could download an infected file, or through file shares, or on a floppy. And note that your anti-virus program is only as current as its latest signature file. The SMALLEST estimate I’ve seen is 8-10 new viruses discovered every day. How often do you think BrightMail is updated?

My ISP, Cox Communications, uses McAfee but I still use Norton AV in auto-protect mode, a NAT firewall, ZoneAlarm firewall, AdAware, SpyBot, and Trojan Hunter! My AV scans my PC nightly, I never open attachments from anyone without scanning first, I delete all attachments if I don’t know the source. I never install (run) from the web – instead I download and save to disk, scan, and then install. Since I know that some really nasty malware have been known to disable scanners, I also scan my PCs these on-line scanners every so often:

Trend Micro HouseCall
or
PandaSoft ActiveScan

Can’t be too sure – there are some very cleaver bad guys out there.

Bill (AFE7Ret)
Freedom isn't free!

Reply | Quote

Charlotte – then obviously they did not adhere to my IF statement above!

Keith – no relation – that I know of. Don’t be too confident that all viruses will be caught on the server as not all viruses come from emails – and BrightMail, as it’s name inplies, is an EMail scanner. You could download an infected file, or through file shares, or on a floppy. And note that your anti-virus program is only as current as its latest signature file. The SMALLEST estimate I’ve seen is 8-10 new viruses discovered every day. How often do you think BrightMail is updated?

My ISP, Cox Communications, uses McAfee but I still use Norton AV in auto-protect mode, a NAT firewall, ZoneAlarm firewall, AdAware, SpyBot, and Trojan Hunter! My AV scans my PC nightly, I never open attachments from anyone without scanning first, I delete all attachments if I don’t know the source. I never install (run) from the web – instead I download and save to disk, scan, and then install. Since I know that some really nasty malware have been known to disable scanners, I also scan my PCs these on-line scanners every so often:

Trend Micro HouseCall
or
PandaSoft ActiveScan

Can’t be too sure – there are some very cleaver bad guys out there.

Bill (AFE7Ret)
Freedom isn't free!

Reply | Quote

Given the poor detection rates, high false positive rates, and bull in a china shop approach of many spam filters I don’t want my ISP determining anything for me unless I’ve got complete control and can review everything. I’d rather have software on my own systems that makes the call and learns what I want to be considered spam. I’m pretty sure I don’t want them doing an A/V scan either. I’d rather have software to do it myself.

Joe

--Joe

Reply | Quote

They can do AV scans all they want – I don’t care about that – but I agree about SPAM scans, I prefer to have my SPAM blocker (MailWasher Pro) manage it – and even though it has not given me a false positive, I don’t even let it auto-delete.

Bill (AFE7Ret)
Freedom isn't free!

Reply | Quote

They can do AV scans all they want – I don’t care about that – but I agree about SPAM scans, I prefer to have my SPAM blocker (MailWasher Pro) manage it – and even though it has not given me a false positive, I don’t even let it auto-delete.

Bill (AFE7Ret)
Freedom isn't free!

Reply | Quote

I’m pretty happy with the Brightmail service hosted by my ISP. You can review the spam folder either through IMAP or a webmail interface (there’s a 7 day wait before stuff is automatically deleted). False positives? I get 50-100 spams a day and for the first few months of the service I carefully reviewed the spam without one false positive. I’m now fairly confident that I can just delete anything that arrives in the folder. You can turn the virus and/or spam filitering off if you choose.

Despite the screening I still get 3 or 4 per day through to my PC (where some of the time Pegasus will find them with its own screening). I can’t see Brightmail being any different that Mailwasher (mentioned elsewhere) effectively except that a bit of traffic (Mailwasherserver) is saved (assuming you are happy with the amount/level of filtering).

Layers of security is the way to go, starting with the ISP filter, followed by up-to-date virus and firewall on the PC, and aided by using email/browser applications that are less likely to be targetted.

Reply | Quote

Glad it is working well for you. I certainly agree with a layered approach to security in general. But I still don’t want an ISP deciding what I get and what I don’t. That’s why we get to choose ISPs I suppose.

Joe

--Joe

Reply | Quote

Glad it is working well for you. I certainly agree with a layered approach to security in general. But I still don’t want an ISP deciding what I get and what I don’t. That’s why we get to choose ISPs I suppose.

Joe

--Joe

Reply | Quote

I’m pretty happy with the Brightmail service hosted by my ISP. You can review the spam folder either through IMAP or a webmail interface (there’s a 7 day wait before stuff is automatically deleted). False positives? I get 50-100 spams a day and for the first few months of the service I carefully reviewed the spam without one false positive. I’m now fairly confident that I can just delete anything that arrives in the folder. You can turn the virus and/or spam filitering off if you choose.

Despite the screening I still get 3 or 4 per day through to my PC (where some of the time Pegasus will find them with its own screening). I can’t see Brightmail being any different that Mailwasher (mentioned elsewhere) effectively except that a bit of traffic (Mailwasherserver) is saved (assuming you are happy with the amount/level of filtering).

Layers of security is the way to go, starting with the ISP filter, followed by up-to-date virus and firewall on the PC, and aided by using email/browser applications that are less likely to be targetted.

Reply | Quote

Given the poor detection rates, high false positive rates, and bull in a china shop approach of many spam filters I don’t want my ISP determining anything for me unless I’ve got complete control and can review everything. I’d rather have software on my own systems that makes the call and learns what I want to be considered spam. I’m pretty sure I don’t want them doing an A/V scan either. I’d rather have software to do it myself.

Joe

--Joe

Reply | Quote

Perhaps I should explained my casual attitude by having added that my ISP uses the Brightmail (any relation? ) virus/spam filtering service. So I don’t actually see any viruses (touch wood) as they are caught on the server.

Reply | Quote

First – no email client is invulnerable to problems and that includes Pegasus. True it is less susceptible since it does not do script – but there have certainly been viruses written specifically to use Pegasus for propagation. Of course, Pegasus does handle attachments. It is just a much smaller target and therefore “no fun” for the bad guys to concentrate on. But note if it becomes more popular, it too will be a target, just as Mozilla Firefox is.

IF all incoming email is scanned, and you maintain your system with current anti-virus signatures and perform frequent system scans, and perform all other necessary steps involved in “safe computing”, then I too agree that outgoing scanning is unnecessary and I have turned mine off. But I note that I am very conscious about what I am sending out – especially attachments. As an IT “professional” it would be embarrassing if I sent along an infected email – certainly my colleagues would let me know about it unmercifully!

Bill (AFE7Ret)
Freedom isn't free!

Reply | Quote

[indent]

---

“using an email client that isn’t vulnerable to problems”
Are you sure, I will trust NO supplier until there is a track record.

---

[/indent]
Perhaps I should have said “known problems such as those that infest MS products” (And Peg’s been around since 1990 BTW)
[indent]

---

Also bet that you think that the MAC and Linux is safe from infection

---

[/indent]
No sir!

Reply | Quote

“using an email client that isn’t vulnerable to problems”
Are you sure, I will trust NO supplier until there is a track record.
Also bet that you think that the MAC and Linux is safe from infection.

DaveA I am so far behind, I think I am First
Genealogy....confusing the dead and annoying the living

Reply | Quote

I think it’s okay to turn off outbound e-mail scanning and the associated stamping. Most people do not rely on the sender to scan the message’s attachments, nor trust the message if it is there. If it creates problems, I’d turn it off.

Reply | Quote

I think it’s okay to turn off outbound e-mail scanning and the associated stamping. Most people do not rely on the sender to scan the message’s attachments, nor trust the message if it is there. If it creates problems, I’d turn it off.

Reply | Quote